Report - dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html

Report Overview

Submitted URL
dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html
IP
184.154.14.116
ASN
#32475 SINGLEHOP-LLC
Submitted
2023-02-08 01:24:40
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	95.101.11.115
www.dailyhealthseries.com	unknown	2019-06-18T10:34:28Z	2023-02-23T09:43:52Z	8.6 kB	394 kB	184.154.14.116
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	57 kB	34.120.237.76
stats.wp.com	2711	2017-01-30T06:06:59Z	2023-03-13T05:11:02Z	369 B	100 kB	192.0.76.3
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.39.57.61
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	142.250.74.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.0 kB	43 kB	216.58.207.227
dailyhealthseries.com	unknown	2019-06-18T10:34:27Z	2023-02-23T09:43:52Z	924 B	1.2 kB	184.154.14.116
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
c0.wp.com	6988	2018-09-24T17:59:05Z	2023-03-13T05:09:43Z	3.8 kB	66 kB	192.0.77.37
pixel.wp.com	2545	2017-01-30T06:31:40Z	2023-03-13T05:11:03Z	539 B	239 B	192.0.76.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	460 B	17 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html	Phishing
2023-02-08	medium	dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html	Phishing
2023-02-08	medium	www.dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html	Phishing
2023-02-08	medium	www.dailyhealthseries.com/	Phishing
2023-02-08	medium	www.dailyhealthseries.com/wp-content/cache/wpfc-minified/7n56rf/6egym.js	Phishing
2023-02-08	medium	www.dailyhealthseries.com/wp-content/cache/wpfc-minified/dvf343c6/6egym.js	Phishing
2023-02-08	medium	www.dailyhealthseries.com/wp-content/cache/wpfc-minified/qwol39sy/6ehlg.js	Phishing
2023-02-08	medium	www.dailyhealthseries.com/wp-content/uploads/2019/01/Untitled-2.svg	Phishing
2023-02-08	medium	www.dailyhealthseries.com/wp-content/themes/mts_seekers/fonts/fontawesome-webfont.woff2	Phishing
2023-02-08	medium	www.dailyhealthseries.com/page/2/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-05-01
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-01 20:16:37 Times Seen68864 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.dailyhealthseries.com/wp-content/cache/wpfc-minified/qwol39sy/6ehlg.js	161 kB	2023-03-13	2023-03-13
Pretty URL www.dailyhealthseries.com/wp-content/cache/wpfc-minified/qwol39sy/6ehlg.js IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-03-13 19:22:10 Times Seen1 Hash b2035aaa4d26483264148e4e093a04d4 f7cec2445c4a423377503691eb9713a2a9c957ec 5c08ccb39dafc22ae5d63b09200daab7e55a89e8d44da49dad62c8104c4fa62a Loading...

	www.dailyhealthseries.com/	687 B	2023-03-13	2023-11-02
Pretty URL www.dailyhealthseries.com/ IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-11-02 10:41:29 Times Seen3 Hash b0851795b2ed36f5580b7040efe3ef22 b4136190360204ac36e48315283dcf8103630c50 31b70b4f343967f5009efad7787352015775d6d58ebd1d414773c0691b115c78 Loading...

	www.dailyhealthseries.com/	163 B	2023-03-13	2023-03-13
Pretty URL www.dailyhealthseries.com/ IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-03-13 19:22:10 Times Seen1 Hash 15facc6d3c23bdbc73b810aea03165a8 db4f9d6f6c4e064dfc54f7320b848ea852e632c4 dae9861729c3bba4c655a7f79cfbbfcd3ccf11428d5918638b72609d5bf54bb6 Loading...

	stats.wp.com/e-202251.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202251.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	www.dailyhealthseries.com/	604 B	2023-03-13	2023-11-02
Pretty URL www.dailyhealthseries.com/ IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-11-02 10:41:29 Times Seen3 Hash 2acfa0e81715af13c3248fec6a51e9b8 6a85a9f22a02982bb87f1e91c6cfbb5717f94aa8 6e6ccbcaf1a643ff8ae0f5fb26aefa24b24b84d03ec42571c616089b84baf8cf Loading...

	www.dailyhealthseries.com/	96 B	2023-03-07	2024-05-01
Pretty URL www.dailyhealthseries.com/ IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-05-01 20:46:59 Times Seen10674 Hash eb3a538fd2a39c22198e72c3b9f498a7 c966ebdbd2701a0980a85671126664f3892d4f1e ac233233e7bcaf806041b243578fab081dced8a045d9a82756410da9ea2382a1 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js	19 kB	2023-03-08	2024-05-01
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-05-01 23:34:19 Times Seen41763 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js	1.4 kB	2023-03-08	2024-05-01
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-05-01 23:34:19 Times Seen24609 Hash 19d386c9004e54941c1cc61d357efa5d 0a77594006c8d86fdcc0adbc2b9aecaef3869586 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95 Loading...

	www.dailyhealthseries.com/	179 B	2023-03-13	2023-03-13
Pretty URL www.dailyhealthseries.com/ IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-03-13 19:22:10 Times Seen1 Hash 5f99413a7a92727f4aca3dd0c5abb98a 5527696102a4867f23209262ad34ffdfa5a72870 44ce04ec6c2f4c98a79d1490e0a1fbfc1e3fe9869dd60fa3b6ed0f274da5d502 Loading...

	www.dailyhealthseries.com/wp-content/cache/wpfc-minified/7n56rf/6egym.js	2.3 kB	2023-03-13	2023-03-13
Pretty URL www.dailyhealthseries.com/wp-content/cache/wpfc-minified/7n56rf/6egym.js IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-03-13 19:22:10 Times Seen1 Hash 92172e045324a223b89ec8219c00b80e 347a3477ec9a39a9df0283ad15ca0052d7077770 682468fc61b3870cdd1d32a1b36d4aa6dc667e0e6a1cd6745f139267fcaee77a Loading...

	www.dailyhealthseries.com/	190 B	2023-03-13	2023-03-13
Pretty URL www.dailyhealthseries.com/ IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-03-13 19:22:10 Times Seen1 Hash a038fb2f57aa0b7d6fc1231312266e13 4f701d28025523cd478706b3f2d0bf5928557b9a c063557b68b4bc92fa6f942cf73854dcafe1f6eb17325e925a1157c2642653d4 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-05-01
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-01 20:16:37 Times Seen31903 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.dailyhealthseries.com/wp-content/cache/wpfc-minified/dvf343c6/6egym.js	8.2 kB	2023-03-13	2023-03-13
Pretty URL www.dailyhealthseries.com/wp-content/cache/wpfc-minified/dvf343c6/6egym.js IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:22:09 Last Seen2023-03-13 19:22:10 Times Seen1 Hash a0eb470e49b64efc1e671c9c734c4755 4a8017c38f6e1e8148cd71bc76dee332ea2c0e7e dcaf0bf97151e1951cad04eace0b4d97d027854ddadf5bb295af3069e4299e91 Loading...

	www.dailyhealthseries.com/	33 B	2023-03-07	2024-02-19
Pretty URL www.dailyhealthseries.com/ IP 184.154.14.116 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-02-19 05:25:48 Times Seen72 Hash 309d8f191a4e7e024ffd8f41423c6458 8e6414b0be91fcec72576e7cb3e87c93a769400b 2d8d488c022f9e580565a5f4a47ebacae9c45adccf933dce2a654666c452c778 Loading...

HTTP Transactions (59)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19905
Expires: Wed, 08 Feb 2023 06:56:14 GMT
Date: Wed, 08 Feb 2023 01:24:29 GMT
Connection: keep-alive

dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html

184.154.14.116

301 Moved Permanently

298 B

URL HTTP/1.1
dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
298 B (298 bytes)
Hash
8832c663049a1f414b026b26918b8beb
bd4a80d39a5c6f9967d136594722eda03f9b7355
7005d45c0100794b14700834f7cd3f0df432a66d2b605e9fd446ad9339303ff0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html HTTP/1.1
Host: dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 01:24:28 GMT
Server: Apache
Location: https://dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html
Content-Length: 298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3593
Expires: Wed, 08 Feb 2023 02:24:22 GMT
Date: Wed, 08 Feb 2023 01:24:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 00:36:32 GMT
content-type: application/json
age: 2877
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11273
Expires: Wed, 08 Feb 2023 04:32:22 GMT
Date: Wed, 08 Feb 2023 01:24:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8RGu4TGLKJs0CJDFMmpwZ9HxYpdSYjL48zWLHlGbEJUJyCf6NKoURbt3OpNykMUh7nRT/iaIcoY=
x-amz-request-id: M672RH8C3DMPM8G7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 00:45:46 GMT
age: 2323
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 00:51:19 GMT
age: 1990
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13795
Expires: Wed, 08 Feb 2023 05:14:24 GMT
Date: Wed, 08 Feb 2023 01:24:29 GMT
Connection: keep-alive

dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html

184.154.14.116

301 Moved Permanently

0 B

URL HTTP/1.1
dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html HTTP/1.1
Host: dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 01:24:29 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: mtsnb_lastvisited=1675819469; expires=Sat, 05-Feb-2033 01:24:29 GMT; Max-Age=315360000; path=/; secure
Strict-Transport-Security: max-age=31536000
Location: https://www.dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q0JipRTW3pTp1morgw5+zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fWU4fKT2OpmsRgMIYtQ2OK+i/aU=

www.dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html

184.154.14.116

301 Moved Permanently

0 B

URL HTTP/1.1
www.dailyhealthseries.com/vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vgsx/231ead02c0fa940c74c06e56f085d02d/4ac2b/finish-step.html HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 01:24:30 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: mtsnb_lastvisited=1675819470; expires=Sat, 05-Feb-2033 01:24:30 GMT; Max-Age=315360000; path=/; secure
Strict-Transport-Security: max-age=31536000
Location: https://www.dailyhealthseries.com
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.dailyhealthseries.com/

184.154.14.116

200 OK

7.4 kB

URL HTTP/1.1
www.dailyhealthseries.com/
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size
7.4 kB (7408 bytes)
Hash
2f23d70d10a85c8616f0234900d9f844
24764b0a9807ff823ff31e5591abe49479b74844
d420003f4c95401a25ee38288f672102468de567954ba1f63060fa5b8012d971

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mtsnb_lastvisited=1675819470
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Thu, 22 Dec 2022 06:08:48 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Mon, 29 Oct 1923 20:30:00 GMT
Content-Length: 7408
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css

192.0.77.37

200 OK

217 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 01:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.dailyhealthseries.com/wp-content/cache/wpfc-minified/knao3b31/6egym.css

184.154.14.116

200 OK

14 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/cache/wpfc-minified/knao3b31/6egym.css
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
14 kB (13645 bytes)
Hash
c5b023442ecab61d37758dad9b7cd5d3
73e571b26461b9abec0d0ff9d67f5f0656068a96
9feb97f60907d3c21b6558a254176f84c9917f94e9b3819aac0f5db781f9e8c8

HTTP Headers

GET /wp-content/cache/wpfc-minified/knao3b31/6egym.css HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 25 Apr 2021 18:10:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 13645
Keep-Alive: timeout=5, max=98
Content-Type: text/css

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Wed, 08 Feb 2023 03:26:24 GMT
Date: Wed, 08 Feb 2023 01:24:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9760 bytes)
Hash
18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: 87a47ecc-20d5-49f5-b0df-149764b8de70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58GkEyVIAMF7rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a6f6-3ddaec37482a7a0a22899279;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Vzm5Icx0826Yup-nqN0aAdGJLl9Q7urlUjGLUHxUqRWB_qSb4tupXQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:26:33 GMT
age: 64678
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Wed, 08 Feb 2023 03:26:24 GMT
Date: Wed, 08 Feb 2023 01:24:31 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Wed, 08 Feb 2023 03:26:24 GMT
Date: Wed, 08 Feb 2023 01:24:31 GMT
Connection: keep-alive

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10202 bytes)
Hash
f175de8eebe398f5de2829cd551b3f04
e6da63e9b03289bfded190d999a20da78232437c
b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10202
x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PEYFZOoAMFzEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:22 GMT
etag: "e6da63e9b03289bfded190d999a20da78232437c"
content-type: image/jpeg
age: 12549
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6060 bytes)
Hash
db6e81972b8835dc48a0dae751ffde5f
826e2195cc52905cfed0bc4f01646290261113b6
720e6105b2ccc9cbc8fd005d53873ced5467a852c7a5041ce2ef96785c0d92f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6060
x-amzn-requestid: 80cbc454-e1b4-4e53-a3b6-3a5ac11920c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPQEPNIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c594-4539ebb17f27d88a47100a82;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvujLqUMXZ4VAF2OePAIOdk96p6-GwwVcWEGORS2NKZ3XxgGIZHAww==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:15 GMT
age: 12556
etag: "826e2195cc52905cfed0bc4f01646290261113b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Wed, 08 Feb 2023 03:26:24 GMT
Date: Wed, 08 Feb 2023 01:24:31 GMT
Connection: keep-alive

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13160 bytes)
Hash
003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 63544
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4269 bytes)
Hash
33b061f03be149fea0df63b42a8ec226
e5e491c6ef8b6234450a34ee5df28b9a58a8ad43
a5970bbb40be173878cd2e920bd1a6ed27775fbdc222bb66ccbc5969984882f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: df152b3a-fa15-4dac-96f9-41b9ea8e5136
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkQH5PoAMFl1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c481-63636a42419209fb0c17eceb;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0hu3nATq26ngjS5942rJgt7AcT4wjG0mFfNrtsajSN2PpdAOYhTjFg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:43:42 GMT
age: 13249
etag: "e5e491c6ef8b6234450a34ee5df28b9a58a8ad43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Wed, 08 Feb 2023 03:26:24 GMT
Date: Wed, 08 Feb 2023 01:24:31 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6838 bytes)
Hash
4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:35 GMT
age: 12716
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dailyhealthseries.com/wp-content/cache/wpfc-minified/2e2fy5b/6egym.css

184.154.14.116

200 OK

338 B

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/cache/wpfc-minified/2e2fy5b/6egym.css
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text
Size
338 B (338 bytes)
Hash
1e7e59c8d58a9347a9a61fdc56e73eea
5ad40bc04fb7006bfea0757774ccbdd170901a0c
fab924dd582ffc5e4e1508c3d3750166528d24e5adfa18d31b3185555019d968

HTTP Headers

GET /wp-content/cache/wpfc-minified/2e2fy5b/6egym.css HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 25 Apr 2021 18:10:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 338
Keep-Alive: timeout=5, max=97
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 01:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.dailyhealthseries.com/wp-content/cache/wpfc-minified/7n56rf/6egym.js

184.154.14.116

200 OK

850 B

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/cache/wpfc-minified/7n56rf/6egym.js
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text
Size
850 B (850 bytes)
Hash
36f8b84612ce7adeeb289c5cc09dd9f6
f12124bb57a6a2b3761ef9fceda7deb6740dc8dd
521162bdfe14a421f088d3aa1bfb55aa82fad3c3eb79354a075861760541979a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/cache/wpfc-minified/7n56rf/6egym.js HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 25 Apr 2021 18:10:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 850
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

www.dailyhealthseries.com/wp-content/cache/wpfc-minified/dvf343c6/6egym.js

184.154.14.116

200 OK

3.0 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/cache/wpfc-minified/dvf343c6/6egym.js
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text, with very long lines (1694)
Size
3.0 kB (2989 bytes)
Hash
6baf4c3044f50ed19cd449ddb7102e0a
56dee8ec5b4951b1f22aab883db5800eb4d90ace
65c7349e89884f77dc968fb305f4099a132628ec731a2dc89ebc163906a42ab1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/cache/wpfc-minified/dvf343c6/6egym.js HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 25 Apr 2021 18:10:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 2989
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

www.dailyhealthseries.com/wp-content/cache/wpfc-minified/llgsbue7/6ehlg.css

184.154.14.116

200 OK

19 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/cache/wpfc-minified/llgsbue7/6ehlg.css
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
Unicode text, UTF-8 text, with very long lines (31139)
Size
19 kB (19227 bytes)
Hash
202f773ca586c88a7b550729314ade4c
fbfdf7e653b48fbe831408d532813c31f8b6dd2f
6525c93f6f0837d044174623973ff237d6d0546fde720e4eb3335ef8bbcb12c5

HTTP Headers

GET /wp-content/cache/wpfc-minified/llgsbue7/6ehlg.css HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 25 Apr 2021 18:14:04 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 19227
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.dailyhealthseries.com/wp-content/cache/wpfc-minified/qwol39sy/6ehlg.js

184.154.14.116

200 OK

44 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/cache/wpfc-minified/qwol39sy/6ehlg.js
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text
Size
44 kB (44292 bytes)
Hash
b7b81f971756aae3ccbe6cb43fd6d40c
513f2d04fc08f371c6a17790e28cfd290ef2c7bb
b79c821b907a9c8cdcc6d6ea624129ea832670936af6cd9880a8bc8825041346

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/cache/wpfc-minified/qwol39sy/6ehlg.js HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 25 Apr 2021 18:14:04 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 44292
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

pixel.wp.com/g.gif?v=ext&blog=157046295&post=0&tz=0&srv=www.dailyhealthseries.com&j=1%3A11.6&host=www.dailyhealthseries.com&ref=&fcp=0&rand=0.39609769193067856

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=157046295&post=0&tz=0&srv=www.dailyhealthseries.com&j=1%3A11.6&host=www.dailyhealthseries.com&ref=&fcp=0&rand=0.39609769193067856
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=157046295&post=0&tz=0&srv=www.dailyhealthseries.com&j=1%3A11.6&host=www.dailyhealthseries.com&ref=&fcp=0&rand=0.39609769193067856 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:32 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.dailyhealthseries.com/wp-content/uploads/2019/01/Untitled-2.svg

184.154.14.116

200 OK

3.4 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2019/01/Untitled-2.svg
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (9311), with no line terminators
Size
3.4 kB (3402 bytes)
Hash
ecdafbb526ffb3614cea0667599a20da
dff082c2b04f94f5bd7f0e7d862d66de1ef5b293
3e68061781754472cce301ac9f503702b2ccff767477d7933564b77d5fe5ce06

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/01/Untitled-2.svg HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 20 Jan 2019 14:04:41 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 3402
Keep-Alive: timeout=5, max=99
Content-Type: image/svg+xml

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 01:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

216.58.207.227

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19752, version 1.0\012- data
Size
20 kB (19752 bytes)
Hash
d62145d4db9cd1736127dbac7665f41b
2687b5ba8ddbafc800abd1208069edcefc0ca8f2
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

HTTP Headers

GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dailyhealthseries.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:19:26 GMT
expires: Wed, 07 Feb 2024 14:19:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
content-type: font/woff2
age: 39906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 01:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Size
21 kB (21248 bytes)
Hash
481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4

HTTP Headers

GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dailyhealthseries.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:14:49 GMT
expires: Sat, 03 Feb 2024 10:14:49 GMT
cache-control: public, max-age=31536000
age: 400183
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 01:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.dailyhealthseries.com/wp-content/uploads/2020/01/testogen-bottle-351x228.jpg

184.154.14.116

200 OK

5.9 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2020/01/testogen-bottle-351x228.jpg
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 351x228, components 3\012- data
Size
5.9 kB (5939 bytes)
Hash
5fc1b615fc759fbbfbe965c61b762b7b
3b779dc2b537154fc5e1ac4b505697c70407b8b4
6b099b2417732d4a3cec0aa1d879bb42fceaa60428f5094995a7aeda4b4927fa

HTTP Headers

GET /wp-content/uploads/2020/01/testogen-bottle-351x228.jpg HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 20 Jan 2020 08:07:05 GMT
Accept-Ranges: bytes
Content-Length: 5939
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Type: image/jpeg

www.dailyhealthseries.com/wp-content/uploads/2019/11/fe-compilation.png

184.154.14.116

200 OK

87 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2019/11/fe-compilation.png
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
PNG image data, 700 x 437, 8-bit colormap, non-interlaced\012- data
Size
87 kB (86843 bytes)
Hash
d78e9fbff04855965859fd5e83232d1b
cd6c5ee3e72c067c812f5184e5f437c513cd27f4
6ee79184794545f9222e717751ed3284b57ba941860ce590f26ae45638b6ec5e

HTTP Headers

GET /wp-content/uploads/2019/11/fe-compilation.png HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 27 Nov 2019 15:03:19 GMT
Accept-Ranges: bytes
Content-Length: 86843
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Type: image/png

www.dailyhealthseries.com/wp-content/themes/mts_seekers/fonts/fontawesome-webfont.woff2

184.154.14.116

200 OK

77 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/themes/mts_seekers/fonts/fontawesome-webfont.woff2
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/mts_seekers/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/wp-content/cache/wpfc-minified/llgsbue7/6ehlg.css
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 25 Jul 2019 12:10:11 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Type: application/font-woff2

stats.wp.com/e-202251.js

192.0.76.3

200 OK

100 kB

URL HTTP/2
stats.wp.com/e-202251.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (2690)
Size
100 kB (100183 bytes)
Hash
c4b55ad55fc40bc76a8a3aeb68c4dc65
186f213633b91f2b3e892d7212d90ada0fc9cdf1
1869ce8508ba054fe6a9bff702fd3f47ab5039707e7f62f83617f0a9d55ad10e

HTTP Headers

GET /e-202251.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 10 Dec 2023 23:28:49 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

www.dailyhealthseries.com/wp-content/uploads/2019/10/custom-1024x1024-351x228.jpg

184.154.14.116

200 OK

15 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2019/10/custom-1024x1024-351x228.jpg
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 351x228, components 3\012- data
Size
15 kB (14770 bytes)
Hash
0469547e37cd54bda957f62db6ed5188
964da4c158872d8df763dffd64cd13aafe53c901
3b1fb01435174964155644da8026580c61e4ba31e9de4ea2cea295d7407b0d52

HTTP Headers

GET /wp-content/uploads/2019/10/custom-1024x1024-351x228.jpg HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 28 Oct 2019 12:08:43 GMT
Accept-Ranges: bytes
Content-Length: 14770
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg

c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js

192.0.77.37

200 OK

30 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (1391)
Size
30 kB (30435 bytes)
Hash
bef4222221d20f540d7ca50a4e166285
923eb09ca086202e9116139070ba3642559129e8
0ad920c907df2c706884dd78f09eb306c0abd068f56a11746bfc817b6d354cef

HTTP Headers

GET /c/6.1.1/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 03:52:10 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js

192.0.77.37

200 OK

14 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (18798)
Size
14 kB (14209 bytes)
Hash
23d8690e67998e444b939bbcfc6674e8
02135a1de2bfba233a7789c5fab082f43290ea3a
b9cfc7a8a95bd78ba8e40923be414d8a9471fe9111dd90b92345147984c77424

HTTP Headers

GET /c/6.1.1/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.dailyhealthseries.com/wp-content/uploads/2020/02/resurge-351x228.png

184.154.14.116

200 OK

61 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2020/02/resurge-351x228.png
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
PNG image data, 351 x 228, 8-bit/color RGB, non-interlaced\012- data
Size
61 kB (60611 bytes)
Hash
7d565ee754b652492ded56e51a03e2d9
35cd144cf1d10cb0f270afe178ad89af8880c437
240749b3f582fac56099d5e3755effecb1310131dcdabc735816aadf9e298178

HTTP Headers

GET /wp-content/uploads/2020/02/resurge-351x228.png HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 29 Feb 2020 21:48:01 GMT
Accept-Ranges: bytes
Content-Length: 60611
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Type: image/png

c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css

192.0.77.37

200 OK

17 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (47826)
Size
17 kB (16941 bytes)
Hash
534ef6a0308af88f54deac832e50f9b3
e9ae9c58c0231dcaa3fef627829683b95e9dff64
c396c71138e284e99aeb9f6a84586039242340eebdf5c6539828bdc1ed656751

HTTP Headers

GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.dailyhealthseries.com/wp-content/uploads/2019/09/Ardell-Demi-351x228.jpg

184.154.14.116

200 OK

19 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2019/09/Ardell-Demi-351x228.jpg
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 351x228, components 3\012- data
Size
19 kB (18871 bytes)
Hash
1df181d730bee8f46cbeb004689d3c89
27f8b24f0379bb1f35f9da86581741df110f1a78
9c59aafff34d4fa2e80171a45d1333718a914bcb6ac879bc43d3c8129dbcbe70

HTTP Headers

GET /wp-content/uploads/2019/09/Ardell-Demi-351x228.jpg HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 09 Nov 2019 10:18:23 GMT
Accept-Ranges: bytes
Content-Length: 18871
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Type: image/jpeg

www.dailyhealthseries.com/wp-content/uploads/2020/02/IG1936x1936-351x228.jpg

184.154.14.116

200 OK

22 kB

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2020/02/IG1936x1936-351x228.jpg
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 351x228, components 3\012- data
Size
22 kB (22155 bytes)
Hash
9d273765ed78ee55f30e689da0dfa74f
c03c74f8c2d3ab377de1c03d5a6633b95b8373d0
d9807a29f1c48caa4a9a82d1315ba0d704945461d9ea6b41a58fd00271e4ac8b

HTTP Headers

GET /wp-content/uploads/2020/02/IG1936x1936-351x228.jpg HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 18 Feb 2020 21:11:16 GMT
Accept-Ranges: bytes
Content-Length: 22155
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Connection: keep-alive, Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Type: image/jpeg

fonts.googleapis.com/css?family=Quicksand%3A500%7CKarla%3A400%2C700%7CMerriweather%3A300&subset=latin

142.250.74.74

200 OK

16 kB

URL HTTP/2
fonts.googleapis.com/css?family=Quicksand%3A500%7CKarla%3A400%2C700%7CMerriweather%3A300&subset=latin
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
16 kB (16052 bytes)
Hash
a58e9136e107f959ea85dd96dc64676a
51034ccfc42edfae29b58cd2fba3060d9c0e816c
725e5b6f47a2848925a6ff69cd7a50b123ae453bd139703e9b334ac8693542b2

HTTP Headers

GET /css?family=Quicksand%3A500%7CKarla%3A400%2C700%7CMerriweather%3A300&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 01:24:31 GMT
date: Wed, 08 Feb 2023 01:24:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.dailyhealthseries.com/page/2/

184.154.14.116

200 OK

7.5 kB

URL HTTP/1.1
www.dailyhealthseries.com/page/2/
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size
7.5 kB (7488 bytes)
Hash
ca8b8960a27e62e5b930ca47382ae3f3
315625156c969360c39b99b1f317bf950a056d9a
285faa4c250a0cedc8c6ed9c8c88c362d3975c07846ad7987dba72dd51d89365

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page/2/ HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Cookie,User-Agent,Accept-Encoding
Last-Modified: Thu, 22 Dec 2022 08:57:19 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Mon, 29 Oct 1923 20:30:00 GMT
Content-Length: 7488
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.dailyhealthseries.com/wp-content/uploads/2019/01/favicon.ico

184.154.14.116

200 OK

619 B

URL HTTP/1.1
www.dailyhealthseries.com/wp-content/uploads/2019/01/favicon.ico
IP
184.154.14.116:0
ASN
#32475 SINGLEHOP-LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
619 B (619 bytes)
Hash
093b7351753058ccb5bb6292ef9ea9a3
a0c683a9a52ad6f25184e473f1748d36b643a66f
0c5277cdabdbcf2c5b5c762159f527e256272ea225516d14da0952c424f97af9

HTTP Headers

GET /wp-content/uploads/2019/01/favicon.ico HTTP/1.1
Host: www.dailyhealthseries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Cookie: mtsnb_lastvisited=1675819470
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 01:24:32 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 23 Jan 2019 03:28:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Connection: keep-alive, Keep-Alive
Content-Length: 619
Keep-Alive: timeout=5, max=96
Content-Type: image/x-icon

c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.6/css/jetpack.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/p/jetpack/11.6/css/jetpack.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/jetpack/11.6/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 28 Nov 2022 20:32:01 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dailyhealthseries.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 01:24:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Thu, 08 Feb 2024 01:24:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML