Report - allwellinst.com/

Report Overview

Submitted URL
allwellinst.com/
IP
142.4.9.224
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-10-23 07:37:15
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
allwellinst.com	unknown	2019-05-31T17:08:34Z	2023-01-08T09:38:05Z	335 B	481 B	142.4.9.224
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.0 kB	4.2 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	54 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
www.allwellinst.com	unknown	2019-05-31T17:08:36Z	2022-12-13T09:38:27Z	18 kB	3.6 MB	142.4.9.224
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	796 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	34.215.91.121
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	2.9 kB	122 kB	216.58.207.195
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	805 B	3.7 kB	142.250.74.10
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-23	medium	allwellinst.com/	Phishing
2022-10-23	medium	www.allwellinst.com/	Phishing
2022-10-23	medium	www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/jssor.slider-21.1.5.mini.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/jquery-1.11.3.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/bootstrap.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/animations.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/jquery.plugin.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/jquery.countdown.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/bootstrap-dropdownhover.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/assets1/js/jquery-1.9.1.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/timber.master.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/assets1/js/bootstrap-collapse.js	Phishing
2022-10-23	medium	www.allwellinst.com/assets1/js/bootstrap-tab.js	Phishing
2022-10-23	medium	www.allwellinst.com/assets1/js/bootstrap-transition.js	Phishing
2022-10-23	medium	www.allwellinst.com/owl-carousel/owl.carousel.js	Phishing
2022-10-23	medium	www.allwellinst.com/assets1/js/google-code-prettify/prettify.js	Phishing
2022-10-23	medium	www.allwellinst.com/assets1/js/application.js	Phishing
2022-10-23	medium	www.allwellinst.com/js/jquery.main.js	Phishing
2022-10-23	medium	www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js	Phishing
2022-10-23	medium	www.allwellinst.com/fonts/icomoon.woff	Phishing
2022-10-23	medium	www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.allwellinst.com/js/animations.min.js	2.4 kB	2023-03-07	2024-01-23
Pretty URL www.allwellinst.com/js/animations.min.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-01-23 04:07:14 Times Seen9 Hash c9cd375b0ca0a23c90043125c8f8ca48 d2599a0bb056cbc5dfe583fd5e3c8bffe2164507 8c6825644ce1d0161f0962222b520b4a0db6afa274e87a092211731bbc25adcd Loading...

	www.allwellinst.com/js/jquery.countdown.js	37 kB	2023-03-07	2024-01-19
Pretty URL www.allwellinst.com/js/jquery.countdown.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-01-19 07:52:23 Times Seen35 Hash 2d012bb507a1ccba5ff14c138b4049ae ffc3853c114f3714066b915de4b27f39478a3bd8 776b4b95c68119270b735dd8b8af221a66eae375e17c9770a754afe3cdd8e6ff Loading...

	www.allwellinst.com/assets1/js/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-04-25
Pretty URL www.allwellinst.com/assets1/js/jquery-1.9.1.min.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 10:21:47 Times Seen23340 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	www.allwellinst.com/js/jquery.main.js	125 kB	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/js/jquery.main.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen5 Hash 83eac1db692877259f896b6ebcba5d2d cc9c4f4745dec9151cd1c6f6c111897c1687151e 922f6cea9aadcf841e1b7611c3917915b3eb8983fabd4078140fbfa9a5633bf5 Loading...

	www.allwellinst.com/	82 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash 290d3eb3bb74790c3485d7a0629070a3 c44faa4d98dd7c638e2b059d723ac2f7a0d46146 24afdddd686884e46e19f47d617fa814db44e19ed8e3f83b4f65107095c41c5c Loading...

	www.allwellinst.com/js/bootstrap-dropdownhover.min.js	4.0 kB	2023-03-07	2023-11-10
Pretty URL www.allwellinst.com/js/bootstrap-dropdownhover.min.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-11-10 08:57:58 Times Seen13 Hash 965d4c02e4e87e71260f49ff406eec2e d199a95bbebf1780b055b079d8c3b740a6abcf62 be4327fb49447ec3f8b6bebddc118500defba23e370ceb3512ed7165027248b2 Loading...

	www.allwellinst.com/	307 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash 1f72ed0de6ccde1685395003258cadf7 77950659bdd351a86a40549027876d9243b7ab88 825a3d11c3c1af947b7788cfac72ac0eea041c66003f6e7d21fbb4b8f90eeb15 Loading...

	www.allwellinst.com/assets1/js/bootstrap-transition.js	1.8 kB	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/bootstrap-transition.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen32 Hash a05a07909ed90b9fd5ff5839046b33ee 01a02a6ef355d440dd48e0fcc3affc89d454271a acc1b1af9058c1aeeb757055be7ebd9f39775b16f9c1a3cd068d49f2b0d32acb Loading...

	www.allwellinst.com/assets1/js/bootstrap-tab.js	3.5 kB	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/bootstrap-tab.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen32 Hash a0b0c35980fd3689f57c73f5ff319a68 dc24f65f1e2929725363188c0d2781c55bcabf16 c8c905de6cd5fe1fc840b2106bb4b5db48ea7a3fe5485114f760950e7becdf54 Loading...

	www.allwellinst.com/js/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL www.allwellinst.com/js/jquery-1.11.3.min.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-04-25 11:47:10 Times Seen344 Hash 8e67452f561a3b8ee8a82fdf57672cd5 44d980c8f4d21057018d80398d574fa72aea1bc7 4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523 Loading...

	www.allwellinst.com/js/jquery.plugin.js	12 kB	2023-03-07	2024-04-02
Pretty URL www.allwellinst.com/js/jquery.plugin.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:54 Last Seen2024-04-02 15:51:39 Times Seen289 Hash 5089653f43d0a3970aae2bed9a31666a f3fa11db281157834693b61afb550b68908758b4 3ebcd7d59c2e596630fee4b6f1500f960e63f514a6816f11031c2d484d1f2683 Loading...

	www.allwellinst.com/	2.5 kB	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash cf40bbe7c85be7d6c463cce9a25e54a1 f4d68e149e9861afffa5c8445bf30bcae6004c5f 1037979ab4fcfef0c358e1bcd9c91b6b5933feddca33fb10a1f86ca91a814959 Loading...

	www.allwellinst.com/js/timber.master.min.js	28 kB	2023-03-07	2023-11-21
Pretty URL www.allwellinst.com/js/timber.master.min.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-11-21 10:38:52 Times Seen7 Hash 293adaa086fe771ddbd64c980b4551c5 373416c7885bebfa8ce1192f76ce3ca93e6dacae 5d35c0286d7b6954081821a8b50e2379aae04aacff3861a8eac4ba503a8aea2b Loading...

	www.allwellinst.com/assets1/js/application.js	576 B	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/application.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen20 Hash 76e9182b4ac1c30132c1d6485ac579e6 7f62374564defa711a3ea6fc57a23a082f65734b 8b853ca44809d5a05bd4018553e52c871c73003d20d4004db71c8b9a47219263 Loading...

	www.allwellinst.com/	358 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash 9b533b5f4305e5b99644653db1142e94 9df0b7c9fa1e2da571115ead3eac16d5395bdd28 0fa2e0d8e9be0e1fbca44fcaef7c30a80c83caa45fa5ecb9404f0600d367156b Loading...

	www.allwellinst.com/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL www.allwellinst.com/js/bootstrap.min.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-04-25 07:52:27 Times Seen2935 Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd Loading...

	www.allwellinst.com/assets1/js/google-code-prettify/prettify.js	14 kB	2023-03-07	2024-02-08
Pretty URL www.allwellinst.com/assets1/js/google-code-prettify/prettify.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-02-08 18:22:35 Times Seen367 Hash 709bfcc456c694bfe8ee86d184a1c360 a4e5934397f97f79b8066984475c90af8a970a36 e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77 Loading...

	www.allwellinst.com/	221 B	2023-03-07	2023-05-26
Pretty URL www.allwellinst.com/ IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-05-26 09:42:19 Times Seen3 Hash c13cd2344fad210ebc90563369a5a31d 51a7b272896c8d2436adfad85cdd37e99ee4d684 d4c108745bfbb9843a81ba58d87364e8741b13ed565c4df227e145613b64f182 Loading...

	www.allwellinst.com/assets1/js/bootstrap-collapse.js	4.7 kB	2023-03-07	2023-12-31
Pretty URL www.allwellinst.com/assets1/js/bootstrap-collapse.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-31 11:46:22 Times Seen36 Hash 00f3b07c6f55b836e7ee6e587a024264 54a985e176f2ea1de1821df1fe4a965dfeb9e43d 9f2c78554baae6de6f979ed29069ac3302d249e0d3911305de8682c13c45389e Loading...

	www.allwellinst.com/js/jssor.slider-21.1.5.mini.js	45 kB	2023-03-07	2023-12-26
Pretty URL www.allwellinst.com/js/jssor.slider-21.1.5.mini.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2023-12-26 20:17:57 Times Seen7 Hash 9d121dad526e4dea658db69d87900e9d d7980109de808ac1f8e1c0f8ccd1b5df268f17e3 a2cccfd574d712758fbce607a904ed659117aabd34e4344a59ac0ebec4cd5cea Loading...

	www.allwellinst.com/owl-carousel/owl.carousel.js	53 kB	2023-03-07	2024-04-11
Pretty URL www.allwellinst.com/owl-carousel/owl.carousel.js IP 142.4.9.224 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:55 Last Seen2024-04-11 09:32:02 Times Seen1691 Hash a5f96c62d75be144282ef6cc429a6259 99a600283194105be6679b4a7cba8ac27a8c455a 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d Loading...

HTTP Transactions (84)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 06:52:50 GMT
Expires: Sun, 23 Oct 2022 07:06:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lOx-O8kuOwNoIBDN7-eW6BlQ-Trk7mZchqDhEzRCpp_nIe_HEfCGGw==
Age: 2654

allwellinst.com/

142.4.9.224

301 Moved Permanently

235 B

URL HTTP/1.1
allwellinst.com/
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
235 B (235 bytes)
Hash
2348f6ab9a5a61b3e3d100cee86b029b
3e4a79ba4235b4325eef5da5379529b225fd1188
046e2e8d5a5e775450f3f5309c0235250c45ad8a7d848b07040c1e58c41a9221

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 23 Oct 2022 07:37:04 GMT
Server: Apache
Location: http://www.allwellinst.com/
Content-Length: 235
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19128
Expires: Sun, 23 Oct 2022 12:55:52 GMT
Date: Sun, 23 Oct 2022 07:37:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19179
Expires: Sun, 23 Oct 2022 12:56:43 GMT
Date: Sun, 23 Oct 2022 07:37:04 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /h8KBNhOSjm2s4zJMYfQCA/AzzzySTB+Qbd6qzzDtBNMAQhzUpRzo2ZoSKHgPWIqCk3MakDT2F0=
x-amz-request-id: 2XQS126ZPW1H2895
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 06:37:52 GMT
age: 3552
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 07:37:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 06:43:40 GMT
Expires: Sun, 23 Oct 2022 07:17:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IQB-xJN1lfhgy-mFbppX6IIDd5-NF9rE79epRpKKpB4kcdeXOpnnLQ==
Age: 3204

www.allwellinst.com/

142.4.9.224

200 OK

33 kB

URL HTTP/1.1
www.allwellinst.com/
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
33 kB (32730 bytes)
Hash
0cd49d8112743d56522255ea4d9ce9d4
9077e01c6734d7560c87c1056b8f948db106e435
d69bb1ce7e389318e620ea660b1159b3d17d4a39a30ac042f8e2b95f2b94b7ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:04 GMT
Server: Apache
Set-Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 07:37:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 07:37:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=92520
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 07:37:05 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:19:05 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

142.4.9.224

404 Not Found

315 B

URL HTTP/1.1
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 404 Not Found
Date: Sun, 23 Oct 2022 07:37:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 07:37:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.215.91.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.91.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: viIqRUbacbQDJbBW/AW/og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GsKq7r1XLA11TmMYnrHo9axmy+4=

www.allwellinst.com/owl-carousel/owl.carousel.css

142.4.9.224

200 OK

1.5 kB

URL HTTP/1.1
www.allwellinst.com/owl-carousel/owl.carousel.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.5 kB (1476 bytes)
Hash
0371b5a2d50e985b09b7d337edc0dc9f
07ad383de4cd0e21c289e3c6695b4822d1a7ad1d
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702

HTTP Headers

GET /owl-carousel/owl.carousel.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:05 GMT
Server: Apache
Last-Modified: Tue, 13 May 2014 14:56:20 GMT
Accept-Ranges: bytes
Content-Length: 1476
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/css/bootstrap-dropdownhover.min.css

142.4.9.224

200 OK

1.2 kB

URL HTTP/1.1
www.allwellinst.com/css/bootstrap-dropdownhover.min.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1161), with CRLF line terminators
Size
1.2 kB (1233 bytes)
Hash
680add9aad1c9891fb35389ee22773c0
a10dd9ca36fcb6eeec997cf0e88ed37fc1b9129c
116825a46aa53b48c87182e0254e31ed3081a2d4c1b4a67f23a4df13457eed64

HTTP Headers

GET /css/bootstrap-dropdownhover.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:05 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 1233
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/css/font-awesome.min.css

142.4.9.224

200 OK

31 kB

URL HTTP/1.1
www.allwellinst.com/css/font-awesome.min.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:05 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 11:24:39 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/css/font-awesome.css

142.4.9.224

200 OK

37 kB

URL HTTP/1.1
www.allwellinst.com/css/font-awesome.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
37 kB (37414 bytes)
Hash
c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

HTTP Headers

GET /css/font-awesome.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:05 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 11:24:40 GMT
Accept-Ranges: bytes
Content-Length: 37414
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/css/animations.min.css

142.4.9.224

200 OK

118 kB

URL HTTP/1.1
www.allwellinst.com/css/animations.min.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (59107), with CRLF line terminators
Size
118 kB (118499 bytes)
Hash
c6229ab75601b0aa6007eec77eabf516
85e92f0c9c778ba83398eb8ca0e4c3bc3ea46244
b366f31f86f7ee66c586f325a06054c64bc5ef6b55d98e87f2fb24a901ba3efe

HTTP Headers

GET /css/animations.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:05 GMT
Server: Apache
Last-Modified: Tue, 24 May 2016 01:59:44 GMT
Accept-Ranges: bytes
Content-Length: 118499
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/js/jssor.slider-21.1.5.mini.js

142.4.9.224

200 OK

45 kB

URL HTTP/1.1
www.allwellinst.com/js/jssor.slider-21.1.5.mini.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (45340)
Size
45 kB (45381 bytes)
Hash
4545d61535af1e37b018717b9af5d1b0
4c9f775f0dfdfff1d4bc5d80d57a4ab18fe89db8
0b2266c683839438a5efb0278d653178069c78b043f22bc1bbb5802eedeb151c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jssor.slider-21.1.5.mini.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 45381
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/css/animate.min.css

142.4.9.224

200 OK

54 kB

URL HTTP/1.1
www.allwellinst.com/css/animate.min.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (53660), with CRLF line terminators
Size
54 kB (53679 bytes)
Hash
526303356ec2dc84c30346cbd9c96320
8b70722926a4f5647315ab2397a8a359185f0017
2b0d5bfd2b38d49d1eaab56cbc0dcc0bb593ed447d74c193e72f6fb19c021c07

HTTP Headers

GET /css/animate.min.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:05 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 53679
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/js/jquery-1.11.3.min.js

142.4.9.224

200 OK

96 kB

URL HTTP/1.1
www.allwellinst.com/js/jquery-1.11.3.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (32038), with CRLF line terminators
Size
96 kB (96000 bytes)
Hash
7893a01e4cbbc2a22535a1f39adf104c
22a0e97791ddff4dcc7ef9b35ff0379dd7de4a25
3f5bf2cbfb850370ec9de6ba86b903a62ef63af28247b1f9d68d516bba0122fb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 96000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4399
Expires: Sun, 23 Oct 2022 08:50:25 GMT
Date: Sun, 23 Oct 2022 07:37:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4399
Expires: Sun, 23 Oct 2022 08:50:25 GMT
Date: Sun, 23 Oct 2022 07:37:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4399
Expires: Sun, 23 Oct 2022 08:50:25 GMT
Date: Sun, 23 Oct 2022 07:37:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4399
Expires: Sun, 23 Oct 2022 08:50:25 GMT
Date: Sun, 23 Oct 2022 07:37:06 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c95e4a-b411-4326-8723-bceab59b6d74.jpeg

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c95e4a-b411-4326-8723-bceab59b6d74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8109 bytes)
Hash
7fa30ef7eff515cfddf2f3b7ee67eb85
b488761c8ce781a44dcaf2e515ef548480dcd1bc
47c0e8ea9ef52c5d45dca54eb251d89983fba9937b7cf7872b065de04786f6ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c95e4a-b411-4326-8723-bceab59b6d74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8109
x-amzn-requestid: 39c9edcc-ea64-443e-82b3-230e41edbcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFhHBG_HoAMF7Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634baef9-7d6e66cd2012a3e8607f0d28;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:12:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -mkpkDB8pmoOQhWZI82RUYjaqQmzCGXNyN5sr1TYXb2kTX16pMGJ_A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:26:56 GMT
age: 33010
etag: "b488761c8ce781a44dcaf2e515ef548480dcd1bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F412682e9-14c9-40e4-bfec-f73f656f5e10.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5348 bytes)
Hash
37143b9d51a289f11607b6b0f9ba534a
4b5e283e4397985f837ab28d94c167ddfdb26c7c
d664702a83cac4eaee1710fd03ca41e35d62ae699224490367e605b529e45566

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F412682e9-14c9-40e4-bfec-f73f656f5e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5348
x-amzn-requestid: d44ded7c-15b6-4c30-a810-4af1edbb9bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYYZEnboAMFcMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa102-6bdd3c1a2fa437b106f8ea79;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:02:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dx2yJ8T_lM1OMR3h0DUtiV359392U2UyReU6hi4tOxxbvFR0iZ_kAg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:01:40 GMT
age: 34526
etag: "4b5e283e4397985f837ab28d94c167ddfdb26c7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3518 bytes)
Hash
85de0c3844ed8f109992d7c37cc5db1b
454136ba1c69e33ae3ba4fcfe4963bd492991e07
c8d2f6fabb976cc65c2029b102fee589b639c0f18110f1c2502733903da73d0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3518
x-amzn-requestid: 8b13ebbd-b086-4007-a17d-d8ab307e2575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFhSdGtEoAMFajw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634baf42-0ca66cd74f79dbfa54f3613b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:14:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xW8lD02LEzgVvUNKqXck7eMr2CXbt_xdVzN4H1M7qj4qQJpvXLFy5Q==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:48:55 GMT
age: 35291
etag: "454136ba1c69e33ae3ba4fcfe4963bd492991e07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12031 bytes)
Hash
208445a6f07a7259b8a420c062a81998
50d9f1642c3c47504fb2d4086a40ae8fb9479b50
607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12031
x-amzn-requestid: b15d6e4e-4880-4686-80c1-ba49f705631c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFgJtHZHoAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bad71-3ef572702125f3b32ceece12;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:06:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3XZCGkKRjdtuIJ9Zp6WCsnBEuV7XimonJLAIL6OIFzYw1zPxBZOv_g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 08:04:17 GMT
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
content-type: image/jpeg
age: 84769
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8344 bytes)
Hash
319c9a70bded148097c378aee2e5e7e3
9815cabee697f91758b3d6049b33b6e6372fc69e
511dfb789ee7031302e0b18761854b93b47a7113d7a6a1a8ee16b3f1e425786b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8344
x-amzn-requestid: 563c255f-62bf-4038-92e0-ffb869de9acd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRkFHUUIAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462e6-34b76ac446e96214580e6fe6;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ODC-cdFkM2mIQFcZjYm_ECZjhrFEewsJxzlZXisEt8l8GYnD4KuKEg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:43:36 GMT
age: 35610
etag: "9815cabee697f91758b3d6049b33b6e6372fc69e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10309 bytes)
Hash
d7d9a7abaf87962b855521efa710812f
a3e88fdb581161ee4a77a2e871b5dbf6438740ff
77c606ec418fdcf921011e7791c702a96ccb5ed9157988da3c7d9f2c460c2bbf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffec9f432-15c2-48a5-a72c-411765b4b8bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10309
x-amzn-requestid: 440e8c86-be5e-47c5-8c91-a6b093b7077c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkTaoHWCIAMFwsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e65dd-7a06ea100494b8db4b76c4ec;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 05:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MBUhf5kPAItEZUj03TKeekl9YXcbeh1KeoYnI4rb_v9eBptmVoEgAA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:03:35 GMT
age: 34411
etag: "a3e88fdb581161ee4a77a2e871b5dbf6438740ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.allwellinst.com/css/colors.css

142.4.9.224

200 OK

3.8 kB

URL HTTP/1.1
www.allwellinst.com/css/colors.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
3.8 kB (3764 bytes)
Hash
cfa106a80badc081a90ac17f3672960c
f19e2ce08d26860b2c70b6d2938515652fbbb6af
0fa02fe4cabccc28517ea41314102a69bbb7dd8a16373b5dd4680e4b97c664e0

HTTP Headers

GET /css/colors.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 17:53:46 GMT
Accept-Ranges: bytes
Content-Length: 3764
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/assets1/js/google-code-prettify/prettify.css

142.4.9.224

200 OK

614 B

URL HTTP/1.1
www.allwellinst.com/assets1/js/google-code-prettify/prettify.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
614 B (614 bytes)
Hash
56a06e3131834a82f1456ed6e441a56a
ddb8a5b55d91c487a4fb365bcda4a8b717bd277d
b3dccf02e29e59a0f87989a548d046a93ec8a99a799d9875eb7871756a46df0b

HTTP Headers

GET /assets1/js/google-code-prettify/prettify.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/css/jquery.countdown.css

142.4.9.224

200 OK

1.7 kB

URL HTTP/1.1
www.allwellinst.com/css/jquery.countdown.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1672 bytes)
Hash
f7bc1d293000a4e9531cc32dd02864df
5e2469b7734580121f97f1076ac444ac0800e932
b34600bb0e2f17f3ac8a247c4b107d59c05edf5762e8c9f333fd7cc281237a8c

HTTP Headers

GET /css/jquery.countdown.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 1672
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/owl-carousel/owl.theme.css

142.4.9.224

200 OK

1.7 kB

URL HTTP/1.1
www.allwellinst.com/owl-carousel/owl.theme.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1747 bytes)
Hash
f506551fed677e278bd0bd3ca1ebe313
296c4ef2b9b6c9e4b641fbbca1b789cd03fd393e
1099093208c3dd2d664fc408ec44b7d886ad4f5bd341dbec56565709c8fa0931

HTTP Headers

GET /owl-carousel/owl.theme.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Tue, 28 Jun 2016 05:13:38 GMT
Accept-Ranges: bytes
Content-Length: 1747
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/css/style.css

142.4.9.224

200 OK

126 kB

URL HTTP/1.1
www.allwellinst.com/css/style.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
126 kB (126372 bytes)
Hash
75c67e4b133727a6d82d9ff5c555f950
fd2422581f6e514d8e08e3588f78a6abaf289672
7d4a25867c93d8895601e499c3970e9508114e906c9267d5c4321df49a2a19bf

HTTP Headers

GET /css/style.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Wed, 28 Feb 2018 10:53:29 GMT
Accept-Ranges: bytes
Content-Length: 126372
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/js/bootstrap.min.js

142.4.9.224

200 OK

37 kB

URL HTTP/1.1
www.allwellinst.com/js/bootstrap.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32034), with CRLF line terminators
Size
37 kB (36822 bytes)
Hash
e7d9a06cf9053c51cd4ad3386da0659a
e45bf1054704a1fdfc4ee2713a16bf9283dea995
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Wed, 18 May 2016 21:31:18 GMT
Accept-Ranges: bytes
Content-Length: 36822
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/js/animations.min.js

142.4.9.224

200 OK

2.4 kB

URL HTTP/1.1
www.allwellinst.com/js/animations.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1984), with CRLF line terminators
Size
2.4 kB (2381 bytes)
Hash
c9cd375b0ca0a23c90043125c8f8ca48
d2599a0bb056cbc5dfe583fd5e3c8bffe2164507
8c6825644ce1d0161f0962222b520b4a0db6afa274e87a092211731bbc25adcd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/animations.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Tue, 24 May 2016 01:59:44 GMT
Accept-Ranges: bytes
Content-Length: 2381
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/css/bootstrap.css

142.4.9.224

200 OK

157 kB

URL HTTP/1.1
www.allwellinst.com/css/bootstrap.css
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (540), with CRLF line terminators
Size
157 kB (157326 bytes)
Hash
984fbf56eee469df0267942af7b6b262
0a92ba66485b5ace7578c5f02a2594ca1085f064
c1ecf430866f457a304d3b844c5f4ef54bbc631bc28bef5e7e822744686b179b

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 21:16:04 GMT
Accept-Ranges: bytes
Content-Length: 157326
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.allwellinst.com/js/jquery.plugin.js

142.4.9.224

200 OK

12 kB

URL HTTP/1.1
www.allwellinst.com/js/jquery.plugin.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
12 kB (11513 bytes)
Hash
5089653f43d0a3970aae2bed9a31666a
f3fa11db281157834693b61afb550b68908758b4
3ebcd7d59c2e596630fee4b6f1500f960e63f514a6816f11031c2d484d1f2683

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.plugin.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Sat, 28 May 2016 02:21:12 GMT
Accept-Ranges: bytes
Content-Length: 11513
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 07:37:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 07:37:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 302578
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:21 GMT
expires: Thu, 19 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 302565
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2

216.58.207.195

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35208, version 1.0\012- data
Size
35 kB (35208 bytes)
Hash
533b904aeb71d52d4ed3d58ee59a7603
e86c7ca5fe5f70ed2e47b3874e779716acf65f0d
106eafbee08b482008e6c88cf642224c8e1bddfd0edac403bb6222574e4f7d2a

HTTP Headers

GET /s/ptsanscaption/v18/0FlJVP6Hrxmt7-fsUFhlFXNIlpcSwSrkTA-v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 02:23:51 GMT
expires: Fri, 20 Oct 2023 02:23:51 GMT
cache-control: public, max-age=31536000
age: 277995
last-modified: Wed, 27 Apr 2022 16:09:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 302578
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 14:07:32 GMT
expires: Thu, 19 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 322174
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.allwellinst.com/js/jquery.countdown.js

142.4.9.224

200 OK

37 kB

URL HTTP/1.1
www.allwellinst.com/js/jquery.countdown.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
37 kB (36750 bytes)
Hash
2d012bb507a1ccba5ff14c138b4049ae
ffc3853c114f3714066b915de4b27f39478a3bd8
776b4b95c68119270b735dd8b8af221a66eae375e17c9770a754afe3cdd8e6ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.countdown.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Sat, 28 May 2016 02:21:12 GMT
Accept-Ranges: bytes
Content-Length: 36750
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.allwellinst.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:47:56 GMT
expires: Thu, 19 Oct 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 301750
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.allwellinst.com/js/bootstrap-dropdownhover.min.js

142.4.9.224

200 OK

4.0 kB

URL HTTP/1.1
www.allwellinst.com/js/bootstrap-dropdownhover.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (3959), with CRLF line terminators
Size
4.0 kB (4031 bytes)
Hash
965d4c02e4e87e71260f49ff406eec2e
d199a95bbebf1780b055b079d8c3b740a6abcf62
be4327fb49447ec3f8b6bebddc118500defba23e370ceb3512ed7165027248b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap-dropdownhover.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Sun, 29 May 2016 02:25:42 GMT
Accept-Ranges: bytes
Content-Length: 4031
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/assets1/js/jquery-1.9.1.min.js

142.4.9.224

200 OK

93 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/jquery-1.9.1.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32089)
Size
93 kB (92629 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/jquery-1.9.1.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/js/timber.master.min.js

142.4.9.224

200 OK

28 kB

URL HTTP/1.1
www.allwellinst.com/js/timber.master.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (13394), with CRLF line terminators
Size
28 kB (27588 bytes)
Hash
293adaa086fe771ddbd64c980b4551c5
373416c7885bebfa8ce1192f76ce3ca93e6dacae
5d35c0286d7b6954081821a8b50e2379aae04aacff3861a8eac4ba503a8aea2b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/timber.master.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Sat, 28 May 2016 02:21:12 GMT
Accept-Ranges: bytes
Content-Length: 27588
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 07:37:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.allwellinst.com/assets1/js/bootstrap-collapse.js

142.4.9.224

200 OK

4.7 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/bootstrap-collapse.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
4.7 kB (4735 bytes)
Hash
00f3b07c6f55b836e7ee6e587a024264
54a985e176f2ea1de1821df1fe4a965dfeb9e43d
9f2c78554baae6de6f979ed29069ac3302d249e0d3911305de8682c13c45389e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/bootstrap-collapse.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 4735
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/assets1/js/bootstrap-tab.js

142.4.9.224

200 OK

3.5 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/bootstrap-tab.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
3.5 kB (3496 bytes)
Hash
a0b0c35980fd3689f57c73f5ff319a68
dc24f65f1e2929725363188c0d2781c55bcabf16
c8c905de6cd5fe1fc840b2106bb4b5db48ea7a3fe5485114f760950e7becdf54

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/bootstrap-tab.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 3496
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/assets1/js/bootstrap-transition.js

142.4.9.224

200 OK

1.8 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/bootstrap-transition.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.8 kB (1756 bytes)
Hash
a05a07909ed90b9fd5ff5839046b33ee
01a02a6ef355d440dd48e0fcc3affc89d454271a
acc1b1af9058c1aeeb757055be7ebd9f39775b16f9c1a3cd068d49f2b0d32acb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/bootstrap-transition.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 1756
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/owl-carousel/owl.carousel.js

142.4.9.224

200 OK

53 kB

URL HTTP/1.1
www.allwellinst.com/owl-carousel/owl.carousel.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
53 kB (52797 bytes)
Hash
a5f96c62d75be144282ef6cc429a6259
99a600283194105be6679b4a7cba8ac27a8c455a
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /owl-carousel/owl.carousel.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Tue, 13 May 2014 14:54:58 GMT
Accept-Ranges: bytes
Content-Length: 52797
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/assets1/js/google-code-prettify/prettify.js

142.4.9.224

200 OK

14 kB

URL HTTP/1.1
www.allwellinst.com/assets1/js/google-code-prettify/prettify.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (592)
Size
14 kB (13632 bytes)
Hash
709bfcc456c694bfe8ee86d184a1c360
a4e5934397f97f79b8066984475c90af8a970a36
e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/google-code-prettify/prettify.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 13632
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/assets1/js/application.js

142.4.9.224

200 OK

576 B

URL HTTP/1.1
www.allwellinst.com/assets1/js/application.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
576 B (576 bytes)
Hash
76e9182b4ac1c30132c1d6485ac579e6
7f62374564defa711a3ea6fc57a23a082f65734b
8b853ca44809d5a05bd4018553e52c871c73003d20d4004db71c8b9a47219263

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets1/js/application.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 15 Apr 2014 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 576
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/js/jquery.main.js

142.4.9.224

200 OK

125 kB

URL HTTP/1.1
www.allwellinst.com/js/jquery.main.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
125 kB (124847 bytes)
Hash
83eac1db692877259f896b6ebcba5d2d
cc9c4f4745dec9151cd1c6f6c111897c1687151e
922f6cea9aadcf841e1b7611c3917915b3eb8983fabd4078140fbfa9a5633bf5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.main.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:06 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2016 19:16:24 GMT
Accept-Ranges: bytes
Content-Length: 124847
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

142.4.9.224

404 Not Found

315 B

URL HTTP/1.1
www.allwellinst.com/ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 404 Not Found
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.allwellinst.com/fonts/icomoon.woff

142.4.9.224

200 OK

2.8 kB

URL HTTP/1.1
www.allwellinst.com/fonts/icomoon.woff
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 2808, version 0.0\012- data
Size
2.8 kB (2808 bytes)
Hash
31a3e4e78a3e107ef72d075070a3eda7
0de50feacd42e03edc520af87e7b7c29f814619b
ac79434b1348cc08f2b9c430d3884730cce55e3738c04d0d9787d16397ecc998

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/icomoon.woff HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 24 May 2016 01:59:44 GMT
Accept-Ranges: bytes
Content-Length: 2808
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff

www.allwellinst.com/images/image4.jpg

142.4.9.224

200 OK

74 kB

URL HTTP/1.1
www.allwellinst.com/images/image4.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1600x472, components 3\012- data
Size
74 kB (73459 bytes)
Hash
d18024f0d7bffef630da7f4d70850c68
8a769685fd506b661275f6856e2b8c37efc28d2e
9473d69bc397185f7d28f206d3d7e5aef38534d24c14ea56e9f2f94e672da871

HTTP Headers

GET /images/image4.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/css/style.css
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Thu, 11 Aug 2016 07:52:36 GMT
Accept-Ranges: bytes
Content-Length: 73459
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/images/searchicon2.png

142.4.9.224

200 OK

933 B

URL HTTP/1.1
www.allwellinst.com/images/searchicon2.png
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
933 B (933 bytes)
Hash
eaa74d5858e4d2ea34c1e3a0c2da2715
11f38a7b7accbd4b8aa92ff813c82b3051355059
95f62d694c27788a74dfca029eea30d061447cde8680a16e28600543347ffe86

HTTP Headers

GET /images/searchicon2.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 19:31:02 GMT
Accept-Ranges: bytes
Content-Length: 933
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

www.allwellinst.com/pictures/1_logo.png

142.4.9.224

200 OK

16 kB

URL HTTP/1.1
www.allwellinst.com/pictures/1_logo.png
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 343 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15557 bytes)
Hash
2f779c35970815d7c72de4a6dca659f6
58cfc2576b8582d0dae9f2972136b319a5d02cdc
d3a03c404e32e2c559ccdcd687bc862ee43668a399abac4b708c34d5d6899ce1

HTTP Headers

GET /pictures/1_logo.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Sat, 17 Feb 2018 06:57:56 GMT
Accept-Ranges: bytes
Content-Length: 15557
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

www.allwellinst.com/pictures/2_pic_1.jpg

142.4.9.224

200 OK

95 kB

URL HTTP/1.1
www.allwellinst.com/pictures/2_pic_1.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 555x178, components 3\012- data
Size
95 kB (94934 bytes)
Hash
77e6c4e8563675626f3b7fde95df40ec
e120f757c9651fea908b1c9025b4093088aa2a98
94cb704bb8a20849e9c6b2a757a4ca6dc0afe0b96c6f717d373efdfc6735fdd1

HTTP Headers

GET /pictures/2_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 07:10:34 GMT
Accept-Ranges: bytes
Content-Length: 94934
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0

142.4.9.224

200 OK

77 kB

URL HTTP/1.1
www.allwellinst.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.allwellinst.com/css/font-awesome.min.css
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 11:24:57 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2

www.allwellinst.com/pictures/7_pic_1.jpg

142.4.9.224

200 OK

60 kB

URL HTTP/1.1
www.allwellinst.com/pictures/7_pic_1.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 555x178, components 3\012- data
Size
60 kB (59760 bytes)
Hash
d12b50e8aaab2de86b36684b675d0664
1e9cdc52c88484b4500973f09dd628e2bd4782af
9d0a5ad518c6eff7794e3e3ff23d26f2b33d46213f8966d397d57ab6cb52b98f

HTTP Headers

GET /pictures/7_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 18:31:04 GMT
Accept-Ranges: bytes
Content-Length: 59760
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/pictures/1_pic_1.jpg

142.4.9.224

200 OK

265 kB

URL HTTP/1.1
www.allwellinst.com/pictures/1_pic_1.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2018:02:17 13:43:07], baseline, precision 8, 559x179, components 3\012- data
Size
265 kB (264696 bytes)
Hash
ffd3032acef349a342a1b0d22cd2089d
c51f1196805f8d61b16d0d9a7a2c619d2561d1c2
88ca28ae7cae709d27fc0561821c7f180b25b5ac5ce2627c0bbe560753658fc5

HTTP Headers

GET /pictures/1_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Sat, 17 Feb 2018 08:43:58 GMT
Accept-Ranges: bytes
Content-Length: 264696
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/images/loading.gif

142.4.9.224

200 OK

4.8 kB

URL HTTP/1.1
www.allwellinst.com/images/loading.gif
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 24 x 24\012- data
Size
4.8 kB (4765 bytes)
Hash
dd78ac008009bd821d2bf2da98108854
d3665f292d71f9ea2b9a61c476e6e2a9d0d35062
03acb263b1d85f824676b3cad66f9660c73d278f06e519c7ea727593ab4f5a13

HTTP Headers

GET /images/loading.gif HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 4765
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif

www.allwellinst.com/images/a12.png

142.4.9.224

200 OK

2.5 kB

URL HTTP/1.1
www.allwellinst.com/images/a12.png
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 400 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2483 bytes)
Hash
bb9fcee03a7288c2083eb15e31f18e1d
7d2a90b91ab8891d4071ea412cf805a737ae5d8c
5e9ddb467a2a395462d2bebf1ab0424c92b081e250497106b1105ea10efe5b55

HTTP Headers

GET /images/a12.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2016 11:11:24 GMT
Accept-Ranges: bytes
Content-Length: 2483
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700

142.250.74.10

200 OK

2.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,400italic,300italic,300,500,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.3 kB (2250 bytes)
Hash
c81c8c1ecd6ea3eab1d98fbbc42d9681
6bf13fc5a7a7b59760bdebf44fb963d314fd8484
b5b0a48db7ad586cc950d51b2666024f4402778d0f7ebf1898dace6e41ca707d

HTTP Headers

GET /css?family=Roboto:400,400italic,300italic,300,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 07:37:05 GMT
date: Sun, 23 Oct 2022 07:37:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.allwellinst.com/pictures/59_banner.jpg

142.4.9.224

200 OK

284 kB

URL HTTP/1.1
www.allwellinst.com/pictures/59_banner.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size
284 kB (283598 bytes)
Hash
2f7d666c2a31446e6a64ae271420752c
598601e5cb989380e5522f3fa4b053b0c26c26df
b9c21749c2f59b012ee76cd61095115a14622e7af1cf86e38d83010dc8fd4d81

HTTP Headers

GET /pictures/59_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Tue, 27 Feb 2018 12:38:58 GMT
Accept-Ranges: bytes
Content-Length: 283598
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/images/pdficon.png

142.4.9.224

200 OK

11 kB

URL HTTP/1.1
www.allwellinst.com/images/pdficon.png
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 109 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11032 bytes)
Hash
59099d4d98e3d966e7d30955afeeb58f
19bda665c297c6a52b5d5a25dac1b96a8dffa844
079c59279d9a4ae1feb0086a299d06b6efe1bc6549d3c8529fb023f7234858b6

HTTP Headers

GET /images/pdficon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Sat, 10 Feb 2018 18:17:28 GMT
Accept-Ranges: bytes
Content-Length: 11032
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

www.allwellinst.com/pictures/8_pic_1.jpg

142.4.9.224

200 OK

109 kB

URL HTTP/1.1
www.allwellinst.com/pictures/8_pic_1.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2014:01:02 16:56:12], baseline, precision 8, 1060x334, components 3\012- data
Size
109 kB (108703 bytes)
Hash
4d9bea88a1847747d99e37c65db0231c
8767ce4f5e883456e328a68f080be0d2db535f5e
fdab77b9963c66345daf9abecc69ffba8e889e60ae9a1b46c9e6bc824e0086d3

HTTP Headers

GET /pictures/8_pic_1.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Thu, 21 Mar 2019 09:55:44 GMT
Accept-Ranges: bytes
Content-Length: 108703
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/pictures/120588221_90_pic_2.jpg

142.4.9.224

200 OK

57 kB

URL HTTP/1.1
www.allwellinst.com/pictures/120588221_90_pic_2.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 386x386, components 3\012- data
Size
57 kB (56782 bytes)
Hash
67b37ed9ab9bb9f97abf9e27342d8f6a
17fa86cee1e3bc59f79f254f46999506c6699a62
fcb467fd6e1e471080a974f970c47cad2550f2eab9c7d961e17285dc9662b25c

HTTP Headers

GET /pictures/120588221_90_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Wed, 05 Sep 2018 06:33:26 GMT
Accept-Ranges: bytes
Content-Length: 56782
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/pictures/776475135_91_pic_2.jpg

142.4.9.224

200 OK

120 kB

URL HTTP/1.1
www.allwellinst.com/pictures/776475135_91_pic_2.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 10000", baseline, precision 8, 450x450, components 3\012- data
Size
120 kB (119975 bytes)
Hash
e19efa17a71185e7e8d1752aa6cb14d7
c596f42b3fe416deeb9c3d2a6328beb5eb207b7b
fb3c03fdb6b486d1498b0ec42945e6b35b29f7fd0eff9224b796ac5635a57997

HTTP Headers

GET /pictures/776475135_91_pic_2.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Wed, 05 Sep 2018 06:44:18 GMT
Accept-Ranges: bytes
Content-Length: 119975
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/images/searchicon.png

142.4.9.224

200 OK

1.4 kB

URL HTTP/1.1
www.allwellinst.com/images/searchicon.png
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1391 bytes)
Hash
a79ce09b335d10eb2cc6ea14793e72b3
6d306d36329b4a366922ed40ef6a4ab7a04f2589
017b7570cace05d49c60dc2a7a8f5940434c8dd7b6210fdda6bbb77dac2bc155

HTTP Headers

GET /images/searchicon.png HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Sat, 13 Jan 2018 23:20:08 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

www.allwellinst.com/pictures/61_banner.jpg

142.4.9.224

200 OK

420 kB

URL HTTP/1.1
www.allwellinst.com/pictures/61_banner.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size
420 kB (419483 bytes)
Hash
4d3a486afcdc2cd7f73852b8c4a14460
635e4e3f99cf2f0626f8c7d9287be15e77df7b4b
1170e189732b2bb206e44e1e68a09fc5b3954d84ab25df23aa980c37a4186a26

HTTP Headers

GET /pictures/61_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 07:27:47 GMT
Accept-Ranges: bytes
Content-Length: 419483
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/pictures/64_banner.jpg

142.4.9.224

200 OK

482 kB

URL HTTP/1.1
www.allwellinst.com/pictures/64_banner.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x700, components 3\012- data
Size
482 kB (481486 bytes)
Hash
8fb225d84f69eec7beaaa157f7e52333
8a10621483afbdc05ff78668d0bcb96b884fd173
4399febb736e5cc4e81aa23a0680d0052af7101692d6c7bdab33edbf269403e4

HTTP Headers

GET /pictures/64_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Fri, 13 Sep 2019 10:41:33 GMT
Accept-Ranges: bytes
Content-Length: 481486
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/pictures/60_banner.jpg

142.4.9.224

200 OK

379 kB

URL HTTP/1.1
www.allwellinst.com/pictures/60_banner.jpg
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x635, components 3\012- data
Size
379 kB (378840 bytes)
Hash
ef0dade9d3d8c3b63c9fbc5e7e9fa32a
f4d375b92280bdab1f0edfa7062a2994d71e5790
c76b12b1306abe8bfe76eb5689866c25b428700308c7de32378e06cd8a65eb18

HTTP Headers

GET /pictures/60_banner.jpg HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:07 GMT
Server: Apache
Last-Modified: Mon, 26 Feb 2018 07:27:35 GMT
Accept-Ranges: bytes
Content-Length: 378840
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

www.allwellinst.com/images/favicon.ico

142.4.9.224

200 OK

856 B

URL HTTP/1.1
www.allwellinst.com/images/favicon.ico
IP
142.4.9.224:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
856 B (856 bytes)
Hash
216d5934ddce5085be2f7089c7fbbd76
788b079fb8798047a15fb63769e78dd9df351c4b
ae45562a56670510953744a6b7efd913a4861200a2833a53a19171205638b255

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: www.allwellinst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.allwellinst.com/
Cookie: PHPSESSID=8t0r1ohd6ard6rteqi8or6i865

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 07:37:08 GMT
Server: Apache
Last-Modified: Fri, 13 Sep 2019 09:55:57 GMT
Accept-Ranges: bytes
Content-Length: 856
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/x-icon

fonts.googleapis.com/css?family=PT+Sans+Caption:700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=PT+Sans+Caption:700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=PT+Sans+Caption:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.allwellinst.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 07:37:05 GMT
date: Sun, 23 Oct 2022 07:37:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations