Report - healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/

Report Overview

Submitted URL
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/
IP
54.230.111.67
ASN
#16509 AMAZON-02
Submitted
2023-02-08 21:18:43
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
healthywealthy.pro	unknown	2023-01-23T12:54:41Z	2023-03-11T04:02:55Z	7.5 kB	757 kB	54.230.111.98
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-13T08:10:58Z	350 B	983 B	54.230.80.227
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
deefauph.com	135892	2021-03-12T14:41:43Z	2023-03-13T06:45:57Z	883 B	679 B	139.45.197.251
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.88.63.243
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	64 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/ie10-viewport-bug-workaround.js.download	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css2	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.js.download	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-3.6.3.min	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-1.12.4.min.js	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/	Malware
2023-02-08	medium	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/js-1em2.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 02:40:06 Times Seen36926020 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.js.download	47 kB	2023-03-07	2024-04-16
Pretty URL healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.js.download IP 54.230.111.51 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:42 Last Seen2024-04-16 09:17:44 Times Seen1252 Hash 0827a0bdcd9a917990eee461a77dd33e 6107d146e54a67c9998230abf839301575d05702 fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9 Loading...

	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/ie10-viewport-bug-workaround.js.download	668 B	2023-03-07	2024-03-14
Pretty URL healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/ie10-viewport-bug-workaround.js.download IP 54.230.111.51 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:12 Last Seen2024-03-14 19:30:38 Times Seen85 Hash 56e8a7b0282409fd020be51b4995a79c 5ab3ef8b9dc31fc2790358b190bda7a96b3c02eb 98ea99e45ff5cfd752359c2e005a8d62483e9454550e150fa0e1636b6909a16a Loading...

	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/mediumish.js.download	322 B	2023-03-13	2023-04-02
Pretty URL healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/mediumish.js.download IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:03:35 Last Seen2023-04-02 21:21:26 Times Seen3 Hash 4edc70f7f4d1d84c3c4378b153f26ea6 3dd38f5720ff30c6ef2ba7d64031fa1ae9b6a3fd eb040574019146beae6fb98fb7aa82d6fc5c947724b9f6e899411105f1401e58 Loading...

	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/	315 B	2023-03-13	2023-04-02
Pretty URL healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/ IP 54.230.111.98 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:03:35 Last Seen2023-04-02 21:21:26 Times Seen3 Hash 567f307115c2e5bc04b17c2c49a5772c 42fb2b44bef860bbef406e8e83218321dbd7ad78 a39c2fc98fd7fbe36a9ce111cddee9a9b16d72d41d4e6f97d28fca3f77475ed3 Loading...

	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/js-1em2.js	2.8 kB	2023-03-13	2023-04-02
Pretty URL healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/js-1em2.js IP 54.230.111.51 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:03:35 Last Seen2023-04-02 21:21:26 Times Seen3 Hash 7a03877900b0605729ab4f201775389e 116f50ff112090dd2891627537ede1ff150e6bcc 10cfac27e7b02b1296c72bceb514c2f5ec280888dd2e8ba73d1bc7c3b79423da Loading...

	deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js	41 kB	2023-03-13	2023-05-14
Pretty URL deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:13:04 Last Seen2023-05-14 06:23:55 Times Seen3 Hash c263b30009caf4d2a17f5a300c22b739 acc6e89ca7b5353b3ecd6d8c5e7fc8eba77b2274 4bf0d611a55a1560757297abe49be6f6588a406ca8ef4ce5f4ff885487c33ce9 Loading...

	healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/	102 B	2023-03-13	2023-03-13
Pretty URL healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/ IP 54.230.111.98 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:44 Last Seen2023-03-13 19:54:44 Times Seen1 Hash b48cf1bcb5277e769081f82d367a55ce 1dbca394a58c581f27590b96c28d9ff222c5e34c 8b70de8ddc15d43c01a9578a266e4202aa7c315b73a9fe426fb79314dfe50e7b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 62ce4e32bfb82fee6495a5286fdb32b8	79 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 19:54:44 Last Seen2023-03-13 19:54:44 Times Seen1 Hash 62ce4e32bfb82fee6495a5286fdb32b8 1e400ceb78a31b1d72e53d16bd567959301e9db8 7ef326f6713fde08edc4e91a2652a7963d6de5f120acd162ceb17792e3a7d07b Loading...

HTTP Transactions (41)

URL IP Response Size

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/

54.230.111.98

301 Moved Permanently

167 B

URL HTTP/1.1
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/
IP
54.230.111.98:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/ HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 08 Feb 2023 21:18:32 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/
X-Cache: Redirect from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2Z2eAHdBkYXOnLplOo9mQ-2wR4kJkW_BA22XuI6sAPcg_QAIvJAiJw==

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4111
Expires: Wed, 08 Feb 2023 22:27:03 GMT
Date: Wed, 08 Feb 2023 21:18:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3493
Expires: Wed, 08 Feb 2023 22:16:45 GMT
Date: Wed, 08 Feb 2023 21:18:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 20:36:43 GMT
content-type: application/json
age: 2509
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9547
Expires: Wed, 08 Feb 2023 23:57:39 GMT
Date: Wed, 08 Feb 2023 21:18:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: P3+K+ZgEt1Pm6JRXBtfKpz0jcLsMXzKulSt8MEjV/rvWxNxUn+WvyVkzg/Dgo8yXRtciOmajXxE=
x-amz-request-id: KH48TCCMQ9XWMVAY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 20:36:05 GMT
age: 2547
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:18:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f3014c82b9f3703fd24a0fe487ec4d5a
96907bf98b03ef179b66efe49c21521ee7f7a03d
bf381d2c0e2664661a562dbab300be22078a96d01c34207a2a1ef3e13d24fd02

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95404
Date: Wed, 08 Feb 2023 21:18:32 GMT
Etag: "63e2e354-1d7"
Expires: Thu, 09 Feb 2023 23:48:36 GMT
Last-Modified: Tue, 07 Feb 2023 23:48:36 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m_a4CeGObg9oVsgo1MpvHAxWlSaMtGNWi3R2Qzj5ULjWQgynd7bd0Q==

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/hero-3.jpg

54.230.111.51

200 OK

352 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/hero-3.jpg
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1000x545, components 3\012- data
Size
352 kB (352385 bytes)
Hash
58b399b0c10fef50fd14cb13d4f03778
0f227088ecee58bc172b33b57e9564477651cd01
0586c0ac9ddb8e6adea27bda1c8737774eaf44b929123a05edcc7ea5ab495b3d

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/hero-3.jpg HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 352385
server: nginx/1.22.0
last-modified: Mon, 23 Jan 2023 07:01:06 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: "63ce30b2-56081"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wrD8-lkjcxQEDnyNGP9wjkw3EvRZ_VORZVz7z3uQbEkpHu8RoRHdaQ==
age: 28367
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/ie10-viewport-bug-workaround.js.download

54.230.111.51

200 OK

668 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/ie10-viewport-bug-workaround.js.download
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
668 B (668 bytes)
Hash
56e8a7b0282409fd020be51b4995a79c
5ab3ef8b9dc31fc2790358b190bda7a96b3c02eb
98ea99e45ff5cfd752359c2e005a8d62483e9454550e150fa0e1636b6909a16a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/ie10-viewport-bug-workaround.js.download HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 668
server: nginx/1.22.0
last-modified: Thu, 19 Jan 2023 19:08:44 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: "63c9953c-29c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d-hJhInb6fOuQi96YKqyVHxlhmQQAHZy33Bo1pyZnWBfXh-evdWkpA==
age: 28367
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/logo.png

54.230.111.51

200 OK

387 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/logo.png
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
PNG image data, 39 x 30, 8-bit gray+alpha, non-interlaced\012- data
Size
387 B (387 bytes)
Hash
cc2a2313312322b1fa51edab5e4ddb05
b4619bfb64b5472c13f1c3d63068364861f320d9
30cf4e936223b0f7df620dfb6ef941beb05728d585036de4fcb15e2ba273c4fd

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/logo.png HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 387
date: Wed, 08 Feb 2023 18:17:55 GMT
server: nginx/1.22.1
last-modified: Thu, 19 Jan 2023 19:08:40 GMT
etag: "63c99538-183"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VBuvB1FX3BR9i6yq7gWUv7cerDZY6IPf3vQj3nh0Nf2WYPc4F1SKZg==
age: 10837
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/hand.png

54.230.111.51

200 OK

1.9 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/hand.png
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
PNG image data, 46 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1917 bytes)
Hash
3deb77934ce0939d651efab6169e00eb
44d589c7992f4edfe1e6e3419b7a33f97a0226e2
42e8432c34362ab32892874b254198a32691741314dd68c818e5ae578aa98a81

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/hand.png HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1917
date: Wed, 08 Feb 2023 21:17:25 GMT
server: nginx/1.22.1
last-modified: Thu, 19 Jan 2023 19:08:42 GMT
etag: "63c9953a-77d"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a9bBb3thBjMVROfYlYzYz7o1mybyqUkrToP4LRLWZvdmim6Mg-khAw==
age: 67
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css2

54.230.111.51

200 OK

2.1 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css2
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
2.1 kB (2087 bytes)
Hash
bbb11f6264f6291af5dc6388f137ecff
2885ffb32a0cab9695be4a3a910510de6b19688d
43d8ac90e1096faf2154d84531c2a6cdac3aa81e40a24b57ba2c7475fca10110

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css2 HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 2087
server: nginx/1.22.0
last-modified: Thu, 19 Jan 2023 19:08:38 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: "63c99536-827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A2Qu3owgieQ4v6KzjhrthLULLKdbq0Whn3EVfMeIL_f4VmbjWD_Fog==
age: 28367
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css

54.230.111.51

200 OK

11 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
11 kB (10698 bytes)
Hash
c01203976510876fd8e799812ab93671
635d2fa47e62918cbff4fab7976731166749be5f
6f0edc9b956f6c3070bfa7d8bfb6d902d30a0ef27be83eb21756afd2a1a86e5f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/css HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 10698
server: nginx/1.22.0
last-modified: Thu, 19 Jan 2023 19:08:38 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: "63c99536-29ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q7njBlT90HqVL7VozCzdjX2t0DiFHtKVHJp5YFnYr6dp8NJ8GfKekQ==
age: 28367
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.js.download

54.230.111.51

200 OK

47 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.js.download
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32075)
Size
47 kB (46653 bytes)
Hash
0827a0bdcd9a917990eee461a77dd33e
6107d146e54a67c9998230abf839301575d05702
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.js.download HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 46653
server: nginx/1.22.0
last-modified: Thu, 19 Jan 2023 19:08:44 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: "63c9953c-b63d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JNWrivxGVK8SNLQe2KaWb0y8z42NlxUrnfbgDCktd0ReYB-9pgtBHw==
age: 28367
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-3.6.3.min

54.230.111.51

404 Not Found

153 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-3.6.3.min
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
998368d7c95ea4293237f2320546e440
30dfd2d3bb8a7e3241bd7792e90a98ebb70be3a4
533a1ca5d6595793725bca7641d9461a0f00dd1732dded3e4281196f5dd21736

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-3.6.3.min HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 153
date: Wed, 08 Feb 2023 21:18:32 GMT
server: nginx/1.22.1
x-cache: Error from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vCYc4iLQo2LWVUc6qKcKJo709X0mD2UnMwo8W0qQ5v_Qf-z9LpGOyQ==
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:14:52 GMT
age: 220
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-1.12.4.min.js

54.230.111.51

200 OK

34 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-1.12.4.min.js
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33533 bytes)
Hash
8a1c31c196293c9d76d53b3c646d4c9f
b0cfc5dd5ba88edb75bedcb8eac6b6c23b21a8c5
bcc872ebfa6a344a2c64a90fe183086dbcd56879ea859223b869dd271309e8ca

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/jquery-1.12.4.min.js HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.22.0
last-modified: Tue, 10 Jan 2023 14:13:56 GMT
content-encoding: br
date: Wed, 08 Feb 2023 12:48:00 GMT
etag: W/"63bd72a4-1795d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iReJtwZoyGYwDTXKvDP9p6UpA1B6n80ayr5w6u5LxJ7GsYS9FsiHFQ==
age: 30632
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/energyfix_shot.jpg

54.230.111.51

200 OK

32 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/energyfix_shot.jpg
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 715x500, components 3\012- data
Size
32 kB (32403 bytes)
Hash
c3b298315b0403ded9a6aed8f0f21aa5
da48119d05bc4f9d27671b59f32efa769f9b405a
3d065e3905fd7b1e58754d2ab668a498c4153c1e34f92f690b82649a6d32fa0a

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/energyfix_shot.jpg HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 32403
server: nginx/1.22.0
last-modified: Thu, 19 Jan 2023 19:08:42 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 14:50:13 GMT
etag: "63c9953a-7e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H6HP2i4ASqMVVu0_bJNXfIPB9kPkpWJujvdClkbNnzTkeLgg_7ukpw==
age: 23299
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/statistik.jpg

54.230.111.51

200 OK

116 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/statistik.jpg
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1400x1300, components 3\012- data
Size
116 kB (116146 bytes)
Hash
49b83d0e9332be06bb35507be18ad402
8438b3a44bf5c89eea2ee7fbf4c8d81174659ad2
c1463833bfc155c809c9b4543aaf50ae1d074ba69a40f2bc5e0c35dcea1da861

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/statistik.jpg HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 116146
server: nginx/1.22.0
last-modified: Mon, 23 Jan 2023 07:01:06 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 13:25:45 GMT
etag: "63ce30b2-1c5b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vHPzU8IdGOjIQzW2M-Sl7Zz4lbHByDmkTp1UXlImTb-4ya_qHIqlVQ==
age: 28367
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a4d32e09a048c13b025f2fc8c27e450
3e0f979efcb7e9703514a3e8c36961f7b4341abf
2b670dfc2c08e67709b9da349b1de7b8cc67e5c5be9e695e6754048986ed6597

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B670DFC2C08E67709B9DA349B1DE7B8CC67E5C5BE9E695E6754048986ED6597"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7130
Expires: Wed, 08 Feb 2023 23:17:23 GMT
Date: Wed, 08 Feb 2023 21:18:33 GMT
Connection: keep-alive

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/favicon.ico

54.230.111.51

200 OK

152 kB

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/favicon.ico
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 1 icon, -64x-64, 32 bits/pixel\012- data
Size
152 kB (152126 bytes)
Hash
a9e67c54fc0f4d65cd1c6edaf380c906
76ec28b0e831ab67dab7337d45e5066b9f40884d
ac69838bf56adb275ed5c99b7e5fae4d2eab21479f98e0a80dc9045043655638

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/favicon.ico HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 152126
server: nginx/1.22.0
last-modified: Mon, 23 Jan 2023 01:30:00 GMT
accept-ranges: bytes
date: Wed, 08 Feb 2023 18:17:58 GMT
etag: "63cde318-2523e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OjoUdEpePIuVrmGvCzLqBzUWo_0pvDx9IufGV3314XSfCMDhNX3yVQ==
age: 10835
X-Firefox-Spdy: h2

deefauph.com/zone?&pub=0&zone_id=5101589&is_mobile=false&domain=healthywealthy.pro&var=null&ymid=null&var_3=&dsig=&action=prerequest

139.45.197.251

200 OK

0 B

URL HTTP/2
deefauph.com/zone?&pub=0&zone_id=5101589&is_mobile=false&domain=healthywealthy.pro&var=null&ymid=null&var_3=&dsig=&action=prerequest
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5101589&is_mobile=false&domain=healthywealthy.pro&var=null&ymid=null&var_3=&dsig=&action=prerequest HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:18:33 GMT
content-length: 0
x-trace-id: 26c036e892987fbfc87b4d42b4b5c7d9
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.88.63.243

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.63.243:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vetphzaaDBqiWP8yoWQh0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pg7S+Ox4hXTnAd91ibxyOVg0Hvw=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6034
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:18:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6034
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:18:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6034
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:18:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6034
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:18:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6034
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:18:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10328 bytes)
Hash
1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1uPNh-FvA8oI5ZuruNle0ATMPSsyl-_ZjLrUnPQJrogPVREc8wrHMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:12:09 GMT
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
age: 83185
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9760 bytes)
Hash
18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:09:02 GMT
age: 61772
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6060 bytes)
Hash
db6e81972b8835dc48a0dae751ffde5f
826e2195cc52905cfed0bc4f01646290261113b6
720e6105b2ccc9cbc8fd005d53873ced5467a852c7a5041ce2ef96785c0d92f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6060
x-amzn-requestid: 80cbc454-e1b4-4e53-a3b6-3a5ac11920c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPQEPNIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c594-4539ebb17f27d88a47100a82;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 50lUvmFMZ01J2FrO3AId_U87zBmCWLFQSDsly_Cd9xF_hVIOWbf3JA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:14:43 GMT
age: 83031
etag: "826e2195cc52905cfed0bc4f01646290261113b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4961 bytes)
Hash
544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 15:13:11 GMT
age: 21923
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12772 bytes)
Hash
2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:57 GMT
age: 84277
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13714 bytes)
Hash
5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Cf-MbK2WIFs3foM-_Ou5OUg7IS8ovfw-dHJnIpVUvpeAbMi-TeC5SA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:34 GMT
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
age: 84240
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/

54.230.111.51

200 OK

0 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/ HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
server: nginx/1.22.0
last-modified: Mon, 23 Jan 2023 18:55:38 GMT
content-encoding: br
date: Wed, 08 Feb 2023 17:51:08 GMT
etag: W/"63ced82a-45af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V0jHvvM4pLKnjLXL81coaNeulXGOcl4-6A9NQbAWZFlJJlkaVpMxNQ==
age: 12444
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/font-awesome.min.css

54.230.111.51

200 OK

0 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/font-awesome.min.css
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/font-awesome.min.css HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
server: nginx/1.22.0
last-modified: Thu, 19 Jan 2023 19:08:36 GMT
content-encoding: br
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: W/"63c99534-7918"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8UTcC_rOzoFSENKRcjDwVCsybUILyxlEv4zjJJGc4j0VVom55vVT3A==
age: 28368
X-Firefox-Spdy: h2

deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js

139.45.197.251

200 OK

0 B

URL HTTP/2
deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:18:33 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:43 GMT
etag: W/"63e2610b-a083"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.css

54.230.111.51

200 OK

0 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.css
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/bootstrap.min.css HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Wed, 08 Feb 2023 21:17:24 GMT
server: nginx/1.22.1
last-modified: Thu, 19 Jan 2023 19:08:36 GMT
etag: W/"63c99534-24dd4"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3OxoWi1edETrsT6L1UaFjhkb1bF07IhOBTNPvWWYcPzSy-VvX-HQHw==
age: 68
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/mediumish.css

54.230.111.51

200 OK

0 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/mediumish.css
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/index_files/mediumish.css HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
server: nginx/1.22.0
last-modified: Thu, 19 Jan 2023 19:08:38 GMT
content-encoding: br
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: W/"63c99536-2611"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IApwcRu8noDb1mY5C0aDre9u1FQAYzpiT8qW2NqcdZ31PpZ8VQLR3w==
age: 28367
X-Firefox-Spdy: h2

healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/js-1em2.js

54.230.111.51

200 OK

0 B

URL HTTP/2
healthywealthy.pro/1em/de/cd131898energy/pw50-p-de-mc-1em/js-1em2.js
IP
54.230.111.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1em/de/cd131898energy/pw50-p-de-mc-1em/js-1em2.js HTTP/1.1
Host: healthywealthy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.22.0
last-modified: Mon, 23 Jan 2023 14:51:34 GMT
content-encoding: br
date: Wed, 08 Feb 2023 13:25:44 GMT
etag: W/"63ce9ef6-b0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PnXqcIfqqBZ-yLjvmPjo9h0PqiUp8rrjVqRTrZqafC6ZvpRBTpC65g==
age: 28367
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations