ahealthyaura.com
192.185.72.99 Malicious Activity!

Go To Rescan
Add Verdict Report

URL:
https://ahealthyaura.com/elonmusk/ElonMusk/
Submission: On March 14 via manual (March 14th 2023, 5:16:05 am UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 23 HTTP transactions. The main IP is 192.185.72.99, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is ahealthyaura.com.
TLS certificate: Issued by R3 on March 10th 2023. Valid for: 3 months.

This is the only time ahealthyaura.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2	192.185.72.99 192.185.72.99	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
10 10	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
10	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
1 2	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.10.115.182 52.10.115.182	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:8d:... 2a04:4e42:8d::159	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
23	11

2 192.185.72.99 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-72-99.unifiedlayer.com

ahealthyaura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 199.232.196.193 (United States) 10 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:9804 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.10.115.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: blockonomics.co

www.blockonomics.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	imgur.com 10 redirects imgur.com — Cisco Umbrella Rank: 4265 i.imgur.com — Cisco Umbrella Rank: 6053	371 KB
4	medium.com 1 redirects cdn-images-1.medium.com — Cisco Umbrella Rank: 47899 glyph.medium.com — Cisco Umbrella Rank: 21273	90 KB
2	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 804	7 KB
2	tumblr.com static.tumblr.com — Cisco Umbrella Rank: 43506	575 KB
2	ahealthyaura.com ahealthyaura.com	84 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2388	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	77 KB
1	blockonomics.co www.blockonomics.co	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	30 KB
23	9

	Domain	Requested by
10	i.imgur.com	ahealthyaura.com
10	imgur.com	10 redirects
2	glyph.medium.com	static.tumblr.com
2	pbs.twimg.com	ahealthyaura.com
2	cdn-images-1.medium.com	1 redirects ahealthyaura.com
2	static.tumblr.com	ahealthyaura.com
2	ahealthyaura.com	ahealthyaura.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ahealthyaura.com
1	www.blockonomics.co	ahealthyaura.com
1	code.jquery.com	ahealthyaura.com
23	11

This site contains links to these domains. Also see Links.

Domain
medium.com
www.blockonomics.co

Subject Issuer	Validity	Valid
*.ahealthyaura.com R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.blockonomics.co Sectigo RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-23`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2023-02-21` - `2023-05-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ahealthyaura.com/elonmusk/ElonMusk/
Frame ID: 5141F448091A5FDB77F5A117509B8523
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

52 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1281 kB
Transfer

1615 kB
Size

2
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/
Title: Homepage

Search URL Search Domain Scan URL

URL: https://medium.com/membership?source=upgrade_membership---nav_full
Title: Become a member

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?redirect=https%3A%2F%2Fmedium.com%2F%40Natalixxxx98%2Fmcafee-crypto-extravaganza-btc-and-eth-airdrop-promo-d0f0afa4999f&source=--------------------------nav_reg&operation=login
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_header_lockup

Search URL Search Domain Scan URL

URL: https://www.blockonomics.co/pay-url/0d9be8350df749de

Search URL Search Domain Scan URL

URL: https://medium.com/?source=footer_card

Search URL Search Domain Scan URL

URL: https://medium.com/@cryptorand

Search URL Search Domain Scan URL

URL: https://medium.com/@AleksandarSvetski

Search URL Search Domain Scan URL

URL: https://medium.com/@ThisIsKlinger

Search URL Search Domain Scan URL

URL: https://medium.com/@crpto3332
Title: Digital Asset Investor

Search URL Search Domain Scan URL

URL: https://medium.com/@e434534egwer

Search URL Search Domain Scan URL

URL: https://medium.com/@NateRubenRDM

Search URL Search Domain Scan URL

URL: https://medium.com/p/d0f0afa4999f/share/twitter

Search URL Search Domain Scan URL

URL: https://medium.com/p/d0f0afa4999f/share/facebook

Search URL Search Domain Scan URL

URL: https://medium.com/@Medium/personalize-your-medium-experience-with-users-publications-tags-26a41ab1ee0c#.hx4zuv3mg
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://imgur.com/FfuCMlE.png HTTP 301
https://i.imgur.com/FfuCMlE.png

Request Chain 5

https://cdn-images-1.medium.com/max/800/1*8VDWw33n-eu85f0nFTbP5g.jpeg HTTP 301
https://cdn-images-1.medium.com/v2/resize:fit:800/1*8VDWw33n-eu85f0nFTbP5g.jpeg

Request Chain 9

https://imgur.com/fxEuNMj.jpg HTTP 301
https://i.imgur.com/fxEuNMj.jpg

Request Chain 10

https://imgur.com/EmRUP3S.jpg HTTP 301
https://i.imgur.com/EmRUP3S.jpg

Request Chain 11

https://imgur.com/ZmO7j4s.jpg HTTP 301
https://i.imgur.com/ZmO7j4s.jpg

Request Chain 12

https://imgur.com/GOV2rh7.jpg HTTP 301
https://i.imgur.com/GOV2rh7.jpg

Request Chain 13

https://imgur.com/kKTtsr7.jpg HTTP 301
https://i.imgur.com/kKTtsr7.jpg

Request Chain 14

https://imgur.com/EyAtCTu.jpg HTTP 301
https://i.imgur.com/EyAtCTu.jpg

Request Chain 15

https://imgur.com/WzzWZyq.jpg HTTP 301
https://i.imgur.com/WzzWZyq.jpg

Request Chain 16

https://imgur.com/ULdp2iV.jpg HTTP 301
https://i.imgur.com/ULdp2iV.jpg

Request Chain 17

https://imgur.com/fzSkCnJ.jpg HTTP 301
https://i.imgur.com/fzSkCnJ.jpg

23 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ahealthyaura.com/elonmusk/ElonMusk/ 202 KB
73 KB 1508ms
244ms Document
text/html 192.185.72.99
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ahealthyaura.com/elonmusk/ElonMusk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.72.99 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-72-99.unifiedlayer.com
Software: Apache /
Resource Hash: 71f7f5908526a35599554854dbad5c5c27beab85d65f5192e811aeb93b263864

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Tue, 14 Mar 2023 05:16:07 GMT
last-modified: Sun, 12 Mar 2023 11:59:50 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 113ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15851"
vary: Accept-Encoding
x-hw: 1678770967.dop128.fr8.t,1678770967.cds051.fr8.hn,1678770967.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 m2.css
static.tumblr.com/bejxdgc/NDhpx23f1/ 64 KB
64 KB 68ms
18ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Fri, 30 Aug 2019 15:37:50 GMT
server: nginx
etag: "376dd17dad7defb0a0c4f2d99445382f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 65054
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-branding-base.css
static.tumblr.com/bejxdgc/H7hpx23gv/ 510 KB
511 KB 68ms
18ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/bejxdgc/H7hpx23gv/main-branding-base.css

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Fri, 30 Aug 2019 15:38:57 GMT
server: nginx
etag: "0acc5b1299f898a0c3a615c3aab31699"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 522276
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

FfuCMlE.png
i.imgur.com/
Redirect Chain

https://imgur.com/FfuCMlE.png
https://i.imgur.com/FfuCMlE.png

12 KB
12 KB

241ms
115ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/FfuCMlE.png

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b5d341b9eecdadc00ffa76fb9e5a05983b31cbac7ab6450f9c768202185ead4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:08 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 4828029
x-cache: HIT, MISS
content-length: 12581
x-served-by: cache-iad-kiad7000058-IAD, cache-fra-eddf8230104-FRA
last-modified: Mon, 25 Oct 2021 13:11:52 GMT
server: cat factory 1.0
x-timer: S1678770968.977742,VS0,VE92
etag: "f9269250017bc53f6764e86659540328"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 42, 0

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.817736,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/FfuCMlE.png
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2 404 1UATD6Vui-5Xa4Vb2QAOtbg_002.png
ahealthyaura.com/elonmusk/ElonMusk/medium/ 12 KB
12 KB 131ms
131ms Image
text/html 192.185.72.99
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ahealthyaura.com/elonmusk/ElonMusk/medium/1UATD6Vui-5Xa4Vb2QAOtbg_002.png
Requested by: Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.72.99 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-72-99.unifiedlayer.com
Software: Apache /
Resource Hash: bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Request headers

Referer: https://ahealthyaura.com/elonmusk/ElonMusk/
Origin: https://ahealthyaura.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
content-encoding: gzip
last-modified: Sat, 01 Oct 2022 14:55:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 4677

GET
H2

200

1*8VDWw33n-eu85f0nFTbP5g.jpeg
cdn-images-1.medium.com/v2/resize:fit:800/
Redirect Chain

https://cdn-images-1.medium.com/max/800/1*8VDWw33n-eu85f0nFTbP5g.jpeg
https://cdn-images-1.medium.com/v2/resize:fit:800/1*8VDWw33n-eu85f0nFTbP5g.jpeg

49 KB
50 KB

131ms
131ms

Image
image/jpeg

2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/v2/resize:fit:800/1*8VDWw33n-eu85f0nFTbP5g.jpeg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed7111fe81e321fdbe690130e31ef9685dcdbc68e89594d59b4f428fb386a5f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'none'
cf-cache-status: HIT
x-envoy-upstream-service-time: 146
content-disposition: inline; filename="1*8VDWw33n-eu85f0nFTbP5g.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50634
x-request-id: daf046fe-2e72-4ed3-a177-db71c7580b57
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "GDaGwHs-RUT5Ax-stAuS-u0PJhh3XQBIr57rmGRtHhk/RImYxNTBkNmMzN2RlN2Y5ZWJiY2U1ZmQyNzE1MzZjZmU2Ig"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
medium-fulfilled-by: miro-v2/main-20230303-101917-2bba7b0c9d
accept-ranges: bytes
cf-ray: 7a7a0af699399019-FRA
expires: Wed, 13 Mar 2024 05:16:08 GMT

Redirect headers

date: Tue, 14 Mar 2023 05:16:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
sepia-upstream: medium
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
location: /v2/resize:fit:800/1*8VDWw33n-eu85f0nFTbP5g.jpeg
cache-control: public, max-age=7200
cf-ray: 7a7a0af5c89f9019-FRA
expires: Tue, 14 Mar 2023 07:16:08 GMT

GET
H/1.1 200
OK pay_with_bitcoin_medium.png
www.blockonomics.co/img/ 4 KB
4 KB 796ms
193ms Image
image/png 52.10.115.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blockonomics.co/img/pay_with_bitcoin_medium.png

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.115.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

blockonomics.co

Software

nginx/1.8.0 /

Resource Hash

6f15fa5979d25404827a7329e8a5ec332a42cf4fd73e27a2c3ccda017034e1b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 14 Mar 2023 05:14:58 GMT
Server: nginx/1.8.0
ETag: "63b121d2-ea2"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3746
Expires: Tue, 14 Mar 2023 05:19:58 GMT

GET
H2 404 FS8-70Ie_400x400.jpg
pbs.twimg.com/profile_images/1474910968157249536/ 0
163 B 207ms
32ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1474910968157249536/FS8-70Ie_400x400.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 14 Mar 2023 05:16:07 GMT
x-content-type-options: nosniff
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 0
x-served-by: cache-lhr7323-LHR, cache-fra-eddf8230101-FRA, cache-tw-ZZZ1
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 3cd4655020e22b11
access-control-expose-headers: Content-Length
cache-control: max-age=3600, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pXvMgIpb_400x400.jpg
pbs.twimg.com/profile_images/1245646911530385416/ 6 KB
6 KB 193ms
19ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1245646911530385416/pXvMgIpb_400x400.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5b209ef1a852caa73dabdcfb3a9852d877034db402efe34523f518bf1b14ad42

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 14 Mar 2023 05:16:07 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 6238
x-served-by: cache-lhr7357-LHR, cache-fra-eddf8230101-FRA, cache-tw-ZZZ1
last-modified: Thu, 02 Apr 2020 09:37:01 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1cbcd9325824676a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2

200

fxEuNMj.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/fxEuNMj.jpg
https://i.imgur.com/fxEuNMj.jpg

59 KB
59 KB

181ms
56ms

Image
image/png

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fxEuNMj.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0bf49c44b081b5734010a8ba3fd13b7c85d9c500cb1f5451b37b7054c212b4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 3585308
x-cache: HIT, HIT
content-length: 60348
x-served-by: cache-iad-kcgs7200033-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:15:14 GMT
server: cat factory 1.0
x-timer: S1678770968.978194,VS0,VE1
etag: "a4e7831d2b27dc6b4c16ebf842d4fc77"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1025, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.818076,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/fxEuNMj.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

EmRUP3S.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/EmRUP3S.jpg
https://i.imgur.com/EmRUP3S.jpg

6 KB
7 KB

240ms
115ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/EmRUP3S.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f9d10459c0e3e0b29ebdae9a54c33abc5b95071d43006fb6b17cbf7608036173

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:08 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 770720
x-cache: HIT, MISS
content-length: 6569
x-served-by: cache-iad-kiad7000046-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:16:08 GMT
server: cat factory 1.0
x-timer: S1678770968.978508,VS0,VE92
etag: "799ffed6fed295650a2a7b16559fec5d"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 52, 0

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.818303,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/EmRUP3S.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

ZmO7j4s.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/ZmO7j4s.jpg
https://i.imgur.com/ZmO7j4s.jpg

78 KB
78 KB

191ms
65ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZmO7j4s.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8414c30a198206c39659a3480d99d096bbc830911bae3a1ca7022d500d548c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1867757
x-cache: HIT, HIT
content-length: 79366
x-served-by: cache-iad-kcgs7200111-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:17:20 GMT
server: cat factory 1.0
x-timer: S1678770968.978486,VS0,VE1
etag: "a94e4504f7c70c06596ff03e670c709c"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 788, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.818034,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/ZmO7j4s.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

GOV2rh7.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/GOV2rh7.jpg
https://i.imgur.com/GOV2rh7.jpg

102 KB
102 KB

193ms
67ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/GOV2rh7.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8f70c1bb63bcd03623b5c8b4cb078b9b3bdc931692522bf49967d6a57ec0a9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2379548
x-cache: HIT, HIT
content-length: 104379
x-served-by: cache-iad-kcgs7200153-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:18:27 GMT
server: cat factory 1.0
x-timer: S1678770968.978787,VS0,VE2
etag: "5d2a503ea94c137158664a118c52ff02"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 759, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.817735,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/GOV2rh7.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

kKTtsr7.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/kKTtsr7.jpg
https://i.imgur.com/kKTtsr7.jpg

18 KB
18 KB

151ms
25ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/kKTtsr7.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

03d71e2470a7b7f26c4eeb073b600f56acee001873b872df9f72065ac6f07132

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2379549
x-cache: HIT, HIT
content-length: 18464
x-served-by: cache-iad-kjyo7100105-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:19:21 GMT
server: cat factory 1.0
x-timer: S1678770968.978094,VS0,VE1
etag: "103a2af7e51e1b79446a3b570ce4de62"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 101, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.818581,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/kKTtsr7.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

EyAtCTu.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/EyAtCTu.jpg
https://i.imgur.com/EyAtCTu.jpg

31 KB
31 KB

101ms
67ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/EyAtCTu.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2d1196c31e454364bf96cc774bfd0da0e0fca248b334e2084d5f27fbc489d12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2983615
x-cache: HIT, HIT
content-length: 31406
x-served-by: cache-iad-kcgs7200067-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:20:10 GMT
server: cat factory 1.0
x-timer: S1678770968.995301,VS0,VE1
etag: "923066db3173660015afa2cc2ace6e31"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 55, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.924177,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/EyAtCTu.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

WzzWZyq.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/WzzWZyq.jpg
https://i.imgur.com/WzzWZyq.jpg

19 KB
20 KB

55ms
22ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WzzWZyq.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4370ae6c750b86a4ed5409ac3278fc076573eb04ed16619174ef01ed15f5f724

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 4142154
x-cache: HIT, HIT
content-length: 19834
x-served-by: cache-iad-kcgs7200176-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:35:51 GMT
server: cat factory 1.0
x-timer: S1678770968.978075,VS0,VE1
etag: "43933e2340c67d75328e84815489b409"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 244, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.924401,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/WzzWZyq.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

ULdp2iV.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/ULdp2iV.jpg
https://i.imgur.com/ULdp2iV.jpg

15 KB
15 KB

101ms
68ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ULdp2iV.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fc5fe349128c5c34464403ff2c77de78b74f24ec0f38c7919cd3603060667531

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 326258
x-cache: HIT, HIT
content-length: 15501
x-served-by: cache-iad-kcgs7200130-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:36:44 GMT
server: cat factory 1.0
x-timer: S1678770968.995210,VS0,VE1
etag: "f479c6c8318ffbd03029cbbdcdd0abc9"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.924389,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/ULdp2iV.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2

200

fzSkCnJ.jpg
i.imgur.com/
Redirect Chain

https://imgur.com/fzSkCnJ.jpg
https://i.imgur.com/fzSkCnJ.jpg

28 KB
28 KB

58ms
25ms

Image
image/jpeg

146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fzSkCnJ.jpg

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e1dcf10c94027fc9946bc9aaa7eb98cdec4d81b9c0693e2ab2959746f1043075

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1132261
x-cache: HIT, HIT
content-length: 28578
x-served-by: cache-iad-kcgs7200091-IAD, cache-fra-eddf8230104-FRA
last-modified: Tue, 29 Jun 2021 18:37:28 GMT
server: cat factory 1.0
x-timer: S1678770968.978081,VS0,VE1
etag: "1871e36dee49a62c4afddd68e10e8e3d"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 689, 1

Redirect headers

x-cache-hits: 0
date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1678770968.924391,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/fzSkCnJ.jpg
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220051-HHN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 96ms
43ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJ66QD6E96

Requested by

Host: ahealthyaura.com
URL: https://ahealthyaura.com/elonmusk/ElonMusk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c36538b0ffb7cb07a1d8591f24b334224c5009704b51be05c7f3feaec609486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Mar 2023 05:16:07 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed

Request headers

Referer
Origin: https://ahealthyaura.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 24 KB
25 KB 199ms
36ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: static.tumblr.com
URL: https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.tumblr.com/
Origin: https://ahealthyaura.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3540400
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7a7a0af5de95361e-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 13 Mar 2024 05:16:07 GMT

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

Request headers

Referer
Origin: https://ahealthyaura.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 15 KB
16 KB 198ms
35ms Font
application/font-woff 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: static.tumblr.com
URL: https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.tumblr.com/
Origin: https://ahealthyaura.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:16:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3540400
x-envoy-upstream-service-time: 90
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7a7a0af5de97361e-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Wed, 13 Mar 2024 05:16:07 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398

Request headers

Referer
Origin: https://ahealthyaura.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: font/opentype

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 125ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GJ66QD6E96&gtm=45je33d0h2&_p=1494205643&cid=469692600.1678770968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678770968&sct=1&seg=0&dl=https%3A%2F%2Fahealthyaura.com%2Felonmusk%2FElonMusk%2F&dt=5000%20BTC%20Elon%20Musk%20Airdrop%20%E2%80%93%20Medium&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJ66QD6E96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ahealthyaura.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:16:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ahealthyaura.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ahealthyaura.com/	1970-01-20 19:55:30	Name: _ga Value: GA1.1.469692600.1678770968
			.ahealthyaura.com/	1970-01-20 19:55:30	Name: _ga_GJ66QD6E96 Value: GS1.1.1678770968.1.0.1678770968.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ahealthyaura.com/elonmusk/ElonMusk/medium/1UATD6Vui-5Xa4Vb2QAOtbg_002.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pbs.twimg.com/profile_images/1474910968157249536/FS8-70Ie_400x400.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ahealthyaura.com
cdn-images-1.medium.com
code.jquery.com
glyph.medium.com
i.imgur.com
imgur.com
pbs.twimg.com
region1.google-analytics.com
static.tumblr.com
www.blockonomics.co
www.googletagmanager.com
146.75.116.193
192.0.77.40
192.185.72.99
199.232.196.193
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2a00:1450:4001:811::2008
2a04:4e42:8d::159
52.10.115.182
03d71e2470a7b7f26c4eeb073b600f56acee001873b872df9f72065ac6f07132
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bf49c44b081b5734010a8ba3fd13b7c85d9c500cb1f5451b37b7054c212b4a7
0c36538b0ffb7cb07a1d8591f24b334224c5009704b51be05c7f3feaec609486
29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef
2d1196c31e454364bf96cc774bfd0da0e0fca248b334e2084d5f27fbc489d12d
4370ae6c750b86a4ed5409ac3278fc076573eb04ed16619174ef01ed15f5f724
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
5b209ef1a852caa73dabdcfb3a9852d877034db402efe34523f518bf1b14ad42
6f15fa5979d25404827a7329e8a5ec332a42cf4fd73e27a2c3ccda017034e1b0
71f7f5908526a35599554854dbad5c5c27beab85d65f5192e811aeb93b263864
8414c30a198206c39659a3480d99d096bbc830911bae3a1ca7022d500d548c3c
8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab
8f70c1bb63bcd03623b5c8b4cb078b9b3bdc931692522bf49967d6a57ec0a9c6
99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398
b5d341b9eecdadc00ffa76fb9e5a05983b31cbac7ab6450f9c768202185ead4d
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e
d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed
e1dcf10c94027fc9946bc9aaa7eb98cdec4d81b9c0693e2ab2959746f1043075
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
ed7111fe81e321fdbe690130e31ef9685dcdbc68e89594d59b4f428fb386a5f9
f9d10459c0e3e0b29ebdae9a54c33abc5b95071d43006fb6b17cbf7608036173
fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69
fc5fe349128c5c34464403ff2c77de78b74f24ec0f38c7919cd3603060667531
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1

ahealthyaura.com Open in urlscan Pro 192.185.72.99 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

52 %HTTPS

55 %IPv6

9 Domains

11 Subdomains

11 IPs

3 Countries

1281 kBTransfer

1615 kBSize

2 Cookies

16 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ahealthyaura.com
192.185.72.99 Malicious Activity!

Screenshot
Live screenshot

Full Image

23
Requests

52 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1281 kB
Transfer

1615 kB
Size

2
Cookies

23 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!