Overview

URLdirect-medical-claims.com/lt/iueumq
IP 34.102.136.180 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-10-08 05:28:53 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
api.aws.parking.godaddy.com (4) 36127 2020-03-23 21:33:37 UTC 2022-10-07 11:08:07 UTC 54.144.191.120
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-07 04:53:48 UTC 23.36.76.226
img1.wsimg.com (2) 9893 2012-06-20 14:42:31 UTC 2022-10-08 04:37:50 UTC 23.36.79.43
direct-medical-claims.com (1) 0 2020-05-21 14:45:27 UTC 2022-10-08 02:05:06 UTC 34.102.136.180 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-08 04:04:25 UTC 34.117.237.239
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-07 17:24:28 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-07 05:03:51 UTC 52.39.175.179
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-07 18:07:15 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-10-07 22:50:55 UTC 54.230.111.65
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-07 04:59:13 UTC 34.160.144.191
partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-10-07 08:54:36 UTC 172.217.21.162
afs.googleusercontent.com (2) 12123 2013-05-07 00:37:08 UTC 2022-10-07 05:13:46 UTC 142.250.74.33
www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-08 04:42:31 UTC 142.250.74.164
ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-10-07 04:53:39 UTC 142.250.74.3
ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-10-07 04:54:36 UTC 192.124.249.24

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-08 2 direct-medical-claims.com/lt/iueumq Malware

mnemonic secure dns
Scan Date Severity Indicator Comment
2022-10-08 2 direct-medical-claims.com Sinkholed

Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-08 2 direct-medical-claims.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.102.136.180
Date UQ / IDS / BL URL IP
2023-01-30 00:00:05 +0000 0 - 0 - 0 arc-inc.org 34.102.136.180
2023-01-29 22:11:39 +0000 0 - 0 - 1 appleabroadsolution.com/ 34.102.136.180
2023-01-29 21:41:34 +0000 0 - 0 - 1 app-stonemeuacesso.com/ 34.102.136.180
2023-01-29 21:11:40 +0000 0 - 0 - 1 clseo1.me/ 34.102.136.180
2023-01-29 20:33:15 +0000 0 - 0 - 1 mrcbdsprays.com/ 34.102.136.180


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-30 01:49:48 +0000 0 - 0 - 4 northamerica-northeast1-carbon-mediator-37181 (...) 216.239.36.54
2023-01-30 01:37:22 +0000 0 - 0 - 3 ringrentsanthtar1974.blogspot.com.cy/ 142.250.74.97
2023-01-30 01:36:56 +0000 0 - 0 - 3 marilynmonroedaniellecohn.blogspot.kr/ 142.250.74.97
2023-01-30 01:35:28 +0000 0 - 0 - 4 musclerobloxtshirt.blogspot.com.br/ 142.250.74.97
2023-01-30 01:34:33 +0000 0 - 0 - 3 robloxflyhackpastebin.blogspot.si/ 142.250.74.97


Last 5 reports on domain: direct-medical-claims.com
Date UQ / IDS / BL URL IP
2022-10-12 19:45:22 +0000 0 - 0 - 2 direct-medical-claims.com/lt/lmiteebaor 34.102.136.180
2022-10-11 16:45:02 +0000 0 - 0 - 2 direct-medical-claims.com/lt/lmiteebaor 34.102.136.180
2022-10-11 16:44:57 +0000 0 - 0 - 2 direct-medical-claims.com/lt/iueumq 34.102.136.180
2022-10-10 14:06:22 +0000 0 - 0 - 3 direct-medical-claims.com/lt/lmiteebaor 34.102.136.180
2022-10-10 14:05:56 +0000 0 - 0 - 3 direct-medical-claims.com/lt/iueumq 34.102.136.180


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-02 21:50:14 +0000 0 - 0 - 1 homesweethyland.com/invoice/updation 34.98.99.30
2022-12-01 04:34:00 +0000 0 - 0 - 1 petersburgkappas.com/wp-includes/class-wp-err (...) 34.102.136.180
2022-11-29 02:27:34 +0000 0 - 0 - 1 livescanoxnard.com/outlook/56yu7/login.php 34.102.136.180
2022-11-23 09:57:00 +0000 0 - 0 - 1 kwiklearningapp.site/ 34.102.136.180
2022-11-23 03:20:56 +0000 0 - 0 - 1 loscabosnights.com/wp-includes/pomo/translati (...) 34.102.136.180

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (39)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -a6dKzqinEf3rQas9yOPxHcCBpT-Wc_c3y1DjnNzbS1BWtBIBpUEAg==
Age: 222084


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /lt/iueumq HTTP/1.1 
Host: direct-medical-claims.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         34.102.136.180
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Sat, 08 Oct 2022 05:28:42 GMT
Content-Length: 2551
Last-Modified: Sat, 01 Oct 2022 13:49:32 GMT
ETag: "6338456c-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ducls/7sANRR6phAgx4oP4DVsrr3bLzLRDOrhDmO5z+htLn9Ab6iFE4XfV6KVlD8ToylVfPRFKMWjFTEmw15LQ
Set-Cookie: system=PW;Path=/;Max-Age=86400; caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; traffic_target=gd;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    6e0e72649d50296f15557e931c1e05e9
Sha1:   a86f0f6aa222653013fe3c36d434f67057c85e64
Sha256: 895c0f60e59fdd84e53ab7ddb8866c8f49e45386632dca017efedd48313c9e0c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8586
Expires: Sat, 08 Oct 2022 07:51:48 GMT
Date: Sat, 08 Oct 2022 05:28:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11081
Expires: Sat, 08 Oct 2022 08:33:23 GMT
Date: Sat, 08 Oct 2022 05:28:42 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 3bXdTPbVPxlFtl0EhBgCXRle0froL9oNKwBaa5BdB9JcUnNR+jKe8qX8JQgPoNysZ2PjHU3vH3Q=
x-amz-request-id: AQ70BFCS2GSXG6FA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 04:31:29 GMT
age: 3433
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 08 Oct 2022 05:28:42 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://direct-medical-claims.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: ePBtPNltighZ03JBS/Xu3LYeSA7F1yzEuIL6FXs/YdArb0qYS2ZncKxSX45UyFn4EY1mPti8L0Y=
x-amz-request-id: Q5Y8PK0VHGD0XQRS
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 58202
cache-control: max-age=31536000
expires: Sun, 08 Oct 2023 05:28:42 GMT
date: Sat, 08 Oct 2022 05:28:42 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65459)
Size:   58202
Md5:    feb46b3c6b7556a8bf123a5e87ffd2b5
Sha1:   aff2efba814012e9fe1586055599069f77e6a062
Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 08 Oct 2022 05:28:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 08 Oct 2022 05:28:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 08 Oct 2022 04:29:41 GMT
Expires: Sat, 08 Oct 2022 05:22:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -F9-7h_436MAx12QLZQGbkWLKA_ZOMoYGMTu23jY74TQza_YxjuwGQ==
Age: 3542


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sat, 08 Oct 2022 05:28:43 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 08 Oct 2022 01:57:58 GMT
Expires: Sun, 09 Oct 2022 01:57:58 GMT
ETag: "f35843d43c3574d0eee9c12d5742da129375817f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    e4f11ec67e49d780c8072ff0e05bccd1
Sha1:   f35843d43c3574d0eee9c12d5742da129375817f
Sha256: 09ff0cc56e059a58a7280eb40f6fad6d1d1a2b38ed1e9538da060daeeccbb156
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sat, 08 Oct 2022 05:28:43 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 08 Oct 2022 01:57:58 GMT
Expires: Sun, 09 Oct 2022 01:57:58 GMT
ETag: "f35843d43c3574d0eee9c12d5742da129375817f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    e4f11ec67e49d780c8072ff0e05bccd1
Sha1:   f35843d43c3574d0eee9c12d5742da129375817f
Sha256: 09ff0cc56e059a58a7280eb40f6fad6d1d1a2b38ed1e9538da060daeeccbb156
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3525
Cache-Control: 'max-age=158059'
Date: Sat, 08 Oct 2022 05:28:43 GMT
Last-Modified: Sat, 08 Oct 2022 04:29:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            OPTIONS /v1/parking/landers/direct-medical-claims.com?trafficTarget=gd HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://direct-medical-claims.com/
Origin: http://direct-medical-claims.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.144.191.120
HTTP/2 200 OK
                                        
date: Sat, 08 Oct 2022 05:28:43 GMT
content-length: 0
set-cookie: AWSALB=7x7XJqdXhiqL+5sTpRK8vk531H8WojloCdhxG8bTuifvnmz4KRFdvspSZ4azRlsPiJJmVp/t0CHb2bjRlvJPcFkF3O+i58hfaXM7o/glUMtaznzgnXWLMnVbEYMf; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/ AWSALBCORS=7x7XJqdXhiqL+5sTpRK8vk531H8WojloCdhxG8bTuifvnmz4KRFdvspSZ4azRlsPiJJmVp/t0CHb2bjRlvJPcFkF3O+i58hfaXM7o/glUMtaznzgnXWLMnVbEYMf; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://direct-medical-claims.com
access-control-max-age: 600
x-request-id: BRlYUwjH
X-Firefox-Spdy: h2

                                        
                                            GET /v1/parking/landers/direct-medical-claims.com?trafficTarget=gd HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://direct-medical-claims.com/
X-Request-Id: 843a7747-96ce-493d-bb47-a014553d429f
Origin: http://direct-medical-claims.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.144.191.120
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 08 Oct 2022 05:28:43 GMT
content-length: 876
set-cookie: AWSALB=Hxo4FjRNwc3R90bOkRlB9ckrSQnuQmtyoadi007SNUAmZrGO9qeXVVVGNMp7++7ZSCax565UEbxwokkwX6yJmh1yK9rlwLVLDvUYt+BRH6QFZc4gD06WhZjC1UlD; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/ AWSALBCORS=Hxo4FjRNwc3R90bOkRlB9ckrSQnuQmtyoadi007SNUAmZrGO9qeXVVVGNMp7++7ZSCax565UEbxwokkwX6yJmh1yK9rlwLVLDvUYt+BRH6QFZc4gD06WhZjC1UlD; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://direct-medical-claims.com
access-control-max-age: 600
x-request-id: 843a7747-96ce-493d-bb47-a014553d429f
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (875)
Size:   876
Md5:    9f65d6033acbbe99ff959efe36a42b49
Sha1:   155333a9ac4109d08500303a617d63b529e93a25
Sha256: 460501af2f8e11937338278b014ee40b8507a98fb74adcbeea5859958f7869c1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 08 Oct 2022 05:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=direct-medical-claims.com&client=dp-godaddy1_xml&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://direct-medical-claims.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 05:28:43 GMT
server: cafe
cache-control: private
content-length: 193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   193
Md5:    a875e7101bb85004cab71240fabf4ccc
Sha1:   2aca8a8bda3c329eddd1c4987c8fdb1bb03c5bef
Sha256: 9ef4f8bd64eee65cd9c08f33821e1d0a7c7835c818e07b2b7a594c40f34f4cb2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 08 Oct 2022 05:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +lDnCP1KJ8WSL8i1ZARivQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.175.179
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 67naJF0Fy6pvP4AsMAwGtHAkthg=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 08 Oct 2022 05:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 08 Oct 2022 05:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 08 Oct 2022 00:38:53 GMT
expires: Sat, 08 Oct 2022 23:38:53 GMT
cache-control: public, max-age=82800
age: 17390
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size:   272
Md5:    bbbac37f0b6e29a6099e4aa7cb19d6ca
Sha1:   0acafe95e2141f0af6109203efeb2d98e6b926c6
Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 07 Oct 2022 14:04:12 GMT
expires: Sat, 08 Oct 2022 13:04:12 GMT
cache-control: public, max-age=82800
age: 55471
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   174
Md5:    4de8b85c8915995b571bde50e231be7c
Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 08 Oct 2022 05:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://direct-medical-claims.com/
Origin: http://direct-medical-claims.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.144.191.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sat, 08 Oct 2022 05:28:43 GMT
content-length: 0
set-cookie: AWSALB=XECMkXDhg2pYxRJfotALaSXXaCb/sGlJHdLnqapn0mUxUYxNpSIt7na+N5Ed8MkhOIzRHaKboMK6D8Abpj8JWmTvtN7sBQPVSnnTx0d1k6oVdw81tS5PlNbffpIA; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/ AWSALBCORS=XECMkXDhg2pYxRJfotALaSXXaCb/sGlJHdLnqapn0mUxUYxNpSIt7na+N5Ed8MkhOIzRHaKboMK6D8Abpj8JWmTvtN7sBQPVSnnTx0d1k6oVdw81tS5PlNbffpIA; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://direct-medical-claims.com/
Content-Type: application/json
Origin: http://direct-medical-claims.com
Content-Length: 668
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.144.191.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sat, 08 Oct 2022 05:28:43 GMT
content-length: 0
set-cookie: AWSALB=jInh1/+FAhr5yVA2BdhnK0vs2PEbulw9hhhiWR9AX39kB2fC3YxSvJWEpRbUvlKPetETSrChyLF/0rpLIkJse5kY8rcLbx0nCGyhIXXurixxYr8KXBkR0bWJsYqH; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/ AWSALBCORS=jInh1/+FAhr5yVA2BdhnK0vs2PEbulw9hhhiWR9AX39kB2fC3YxSvJWEpRbUvlKPetETSrChyLF/0rpLIkJse5kY8rcLbx0nCGyhIXXurixxYr8KXBkR0bWJsYqH; Expires=Sat, 15 Oct 2022 05:28:43 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13812
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 05:28:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13812
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 05:28:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13812
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 05:28:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13812
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 05:28:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13812
Expires: Sat, 08 Oct 2022 09:18:56 GMT
Date: Sat, 08 Oct 2022 05:28:44 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1bcebbe-27c2-4099-bbc1-abdf6256ab4e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5569
x-amzn-requestid: b5c3249d-a0e8-47c9-871a-394b337fec1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1DlFI0IAMF4Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb0-46cfa015483870b42e070a3f;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yIhLr2mHrPQObhv3lmE9JG31lkn0lkB-zfIbx-Pc74GIZIdGNfmuQA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:55:12 GMT
age: 27212
etag: "7775f508ca5c217a6a78f3189c5755a1a305a784"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5569
Md5:    22b9c4fdd287de207445661529599897
Sha1:   7775f508ca5c217a6a78f3189c5755a1a305a784
Sha256: ac1864dda4b4000a089aad6b4499a7d5f1ead6094a1194bd7618775952d399dc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F133e90d6-616e-420a-b28c-3bc0e9f41004.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6196
x-amzn-requestid: 225da0b3-92a4-4378-a971-1134e304725d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp2o4Gb8IAMFauw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409e38-27c2f72c3531a47720107b2e;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:46:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7UrEqUsz3LS16XXwCerczzXV-FgKzWV0RYCbnOrqDvf7hDwXNmEnGA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:50:49 GMT
age: 27475
etag: "0e9b97fed2c3039b50c222315792c1c26ee47d61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6196
Md5:    a318cb4259fd9b29184711e0bdc012b7
Sha1:   0e9b97fed2c3039b50c222315792c1c26ee47d61
Sha256: f9b358364e93b3de38d39afb8703fb76f0290f84007c6a939653207cb7d266f9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80ea69a5-f119-4320-8a89-eaa422dade08.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12216
x-amzn-requestid: 38c08aa2-1085-42b7-803c-73d87f28b6cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp3AjEF6IAMFkLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409ed0-413a197b3d45bd916588196b;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:49:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J7myCPUqf_CObucnOeOSbw5x8sPsIVDNWbjpcEgdL7x-kY-ViNnEsg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:50:33 GMT
age: 27491
etag: "cebb1cf36cf6b4a0209cd8f4989b8f5168e2a59c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12216
Md5:    55147b91b97ad22c45c980671947f39c
Sha1:   cebb1cf36cf6b4a0209cd8f4989b8f5168e2a59c
Sha256: ca84bb5317079b510de8e83c6c17b715dc5e0c3ec27ef7ead9f03fbcfe3d2b44
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9176a06a-294d-4b65-8535-846b9386ccc6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6766
x-amzn-requestid: 8534c4a9-161b-4f7d-a956-36f5d35fde26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1DmGLzIAMFxbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb0-7b2d96e3559d6d057f27d9cf;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NV1e4Qk40mQQBEQsD87vjiyz0yqsw8UYCfyq27LIgA5aOfZkRpKmFQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:55:32 GMT
age: 27192
etag: "46583b7657dadcffbea286bd45fad99a10f81335"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6766
Md5:    97c7f371036a91fd437db5abc3decdfd
Sha1:   46583b7657dadcffbea286bd45fad99a10f81335
Sha256: 7da3c89d51447ee13c701c892e6b7a4094da97cd1cd7c08322e085d0f49586b9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ceff04a-841a-487e-8a19-5bf8deb18775.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9270
x-amzn-requestid: cbab3d28-6a82-4dcb-893f-2d65f62964b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R5H7MoAMFjtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-0742c17042e08a403c3afcfb;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vvIXg3LNlltrHMME43_Z3L-qUTocl70oRb3qQnUyj3PQFaasDGijSQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "f64c6152a5e4591e93e4a7b199785f1486354602"
age: 28288
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9270
Md5:    c656736249c63b689259baf51691e164
Sha1:   f64c6152a5e4591e93e4a7b199785f1486354602
Sha256: f4a342ef5a47b99e74d467dd23c9190bda65f8b58dfb469be07a5819f61f80f4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 11:08:01 GMT
age: 66043
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10987
Md5:    53b7ffdc3799e0ac7a225145242579ef
Sha1:   c47f0525fe5354ee13fe63c0ec31f0f826a58005
Sha256: 4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://direct-medical-claims.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 08 Oct 2022 05:28:42 GMT
expires: Sat, 08 Oct 2022 05:28:42 GMT
cache-control: private, max-age=3600
etag: "13930622978783687029"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://direct-medical-claims.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: BJKddOb28V2CtOYHtdx3dgS4ijBb8z9Zz0e916fBJ6yIzilOfuV7lgEi1PzYX2UW11Gi/zLf5Nk=
x-amz-request-id: A0GTYC5KNWH4XAW6
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 08 Oct 2023 05:28:42 GMT
date: Sat, 08 Oct 2022 05:28:42 GMT
content-length: 135541
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---