Report - www.claimwell.com/

Report Overview

Submitted URL
www.claimwell.com/
IP
151.101.130.159
ASN
#54113 FASTLY
Submitted
2022-11-13 21:53:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
88

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.0 kB	2.2 kB	93.184.220.29
www.claimwell.com	unknown	2021-06-08T21:43:15Z	2022-12-09T19:12:16Z	349 B	709 B	151.101.130.159
claimwell.com	unknown	2017-06-19T09:43:26Z	2023-02-20T03:46:54Z	30 kB	825 kB	151.101.130.159
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	4.5 kB	9.1 kB	142.250.74.35
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	383 B	44 kB	142.250.74.168
player.vimeo.com	1858	2013-09-26T05:16:08Z	2023-03-10T14:01:02Z	539 B	10 kB	162.159.138.60
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-10T12:47:01Z	437 B	164 kB	142.250.74.163
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	54 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.148.77.40
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:43Z	694 B	560 B	216.239.32.36
fresnel.vimeocdn.com	3128	2014-12-13T10:04:00Z	2023-03-10T15:04:05Z	1.0 kB	520 B	34.120.202.204
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	746 B	746 B	142.250.74.10
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	967 B	79 kB	216.58.207.195
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	1.2 kB	21 kB	142.250.74.174
f.vimeocdn.com	3234	2014-04-09T20:24:34Z	2023-03-10T14:01:02Z	1.6 kB	256 kB	151.101.86.109
i.vimeocdn.com	3126	2014-03-27T23:24:57Z	2023-03-10T14:01:03Z	967 B	15 kB	151.101.86.109
import.themovation.com	unknown	2015-06-27T13:11:33Z	2023-02-03T17:20:36Z	422 B	13 kB	174.138.58.92

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-13	medium	www.claimwell.com/	Phishing
2022-11-13	medium	claimwell.com/	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/formidable/css/formidableforms.css?ver=10242250	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/th-widget-pack/assets/icons/icons.css?ver=2.1.14	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/uploads/elementor/css/post-3890.css?ver=1667319926	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/frontend.css?ver=2.1.14	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/header-footer-elementor.css?ver=2.1.14	Phishing
2022-11-13	medium	claimwell.com/wp-content/uploads/elementor/css/post-5004.css?ver=1667319981	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3	Phishing
2022-11-13	medium	claimwell.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.1.14	Phishing
2022-11-13	medium	claimwell.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.2	Phishing
2022-11-13	medium	claimwell.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2	Phishing
2022-11-13	medium	claimwell.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.js?ver=1631176832	Phishing
2022-11-13	medium	claimwell.com/wp-content/uploads/2021/03/dollar-sign-circle.svg	Phishing
2022-11-13	medium	claimwell.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2022-11-13	medium	claimwell.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3	Phishing
2022-11-13	medium	claimwell.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.0	Phishing
2022-11-13	medium	claimwell.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	Phishing
2022-11-13	medium	claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.css?ver=1631176832	Phishing
2022-11-13	medium	claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d4cw.woff	Phishing
2022-11-13	medium	claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2	Phishing
2022-11-13	medium	claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrcVIT9d4cw.woff	Phishing
2022-11-13	medium	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (54)

	URL	Size	First Seen	Last Seen
	claimwell.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.0	3.8 kB	2023-03-08	2024-03-27
Pretty URL claimwell.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:52 Last Seen2024-03-27 12:08:51 Times Seen80 Hash eb516a522b58bed320e5f84398c6fc7b 0d16533aafbf908f8e01d9c8fb7e272e14747590 f21b923285e6f48addadbed2568b5308dd73c5edb7c2dc6c8f1fe6523883bbf6 Loading...

	www.googletagmanager.com/gtag/js?id=G-1FHZ4B327M&l=dataLayer&cx=c	217 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-1FHZ4B327M&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:43:22 Last Seen2023-03-11 11:43:23 Times Seen1 Hash 7f82b702b9f1e82af494240d81be0c42 8360c01e9da1a4e1855f1098318b21c87f0dba52 bc6f5df5908c69db7d3d9812b1ad489cea385ecf5bb0be05dbf6d82d88f23f19 Loading...

	player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t=	1.2 kB	2023-03-11	2023-03-11
Pretty URL player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:43:22 Last Seen2023-03-11 11:43:24 Times Seen1 Hash c13ed8c98e35d8b3a4084eaf3f343bcc 02f1dd8aa104b7148356992373ed3a4395efe379 e4834dd91ab47cc8f7da2bee22975cf4ba0ac2faab7fb270a8708b202636658c Loading...

	claimwell.com/	2.2 kB	2023-03-11	2023-03-11
Pretty URL claimwell.com/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:38:10 Last Seen2023-03-11 11:43:24 Times Seen1 Hash 6eb4a97b4454a2184036b89c6769ef4c 631eb78dfa09fea4b12c1f3d555d609d69431cf4 67daa6a7811f1e3218d7ccd7d703dfc0f3aff9c2f11f69c3c76af4534b160531 Loading...

	claimwell.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 14:29:05 Times Seen68564 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0	40 kB	2023-03-08	2024-03-19
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-03-19 21:41:36 Times Seen402 Hash 63da63aaa1485c280f3505da6724bccf 1c5110797988e86ffd37f66a79cec3dc023a66eb 4276020d6f31a5d3116fde82520418b99a39cf1fc04d578b8eecab57894126a1 Loading...

	claimwell.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 14:29:05 Times Seen15486 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t=	88 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:21 Times Seen1 Hash ad413198e105cd8f701ecfbbd330f933 10ce91413b40b42e0db106f75f9b906c53aadeae a2eae90d055f51a5223ced60b71f552e93c37d5a8c6caa224f92b90af6a2b971 Loading...

	player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t=	359 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:20 Times Seen1 Hash 3bebca74492661d309358758a5066f7f 35eb0d0a00a8f3df0c825a0093eacb71bc6e7d43 c5251ebe799b83572d361fe5378abcfe1c5f08fd2f9ad71d34e43b492b85b94b Loading...

	claimwell.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-23 14:29:05 Times Seen31794 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	claimwell.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2	8.0 kB	2023-03-08	2023-12-11
Pretty URL claimwell.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2023-12-11 08:09:31 Times Seen56 Hash ef711018665b24a570d3605255874523 bdcb5e1cc811c120fd2983444b296254b7618a8b d7b10b7ce6eceb9ee2483874f0f972e419ab10692ed738c1ae3422e48c489775 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0	15 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-23 15:35:23 Times Seen16372 Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6 678bc6f750f13adb29bbc158eb0d9cd813b736fa 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264 Loading...

	www.google.com/recaptcha/api.js?render=explicit&ver=3.8.0	852 B	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=explicit&ver=3.8.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:27:30 Last Seen2023-03-11 14:12:11 Times Seen1 Hash 65d52fa042885ac29a7c7ddfe2f26a16 93ae30766d6bc7f14b9a27ca611a59f9a4b22ad5 1daa619eea79c2e89a5f86fc564d9c9a1c14fd6faee474f790283a23c792f8f1 Loading...

	claimwell.com/	1.2 kB	2023-03-11	2023-03-11
Pretty URL claimwell.com/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:38:10 Last Seen2023-03-11 11:43:24 Times Seen1 Hash 5e4ff533fe3e79beb56726ec02f9c486 d7706ab4a5fe1b19d97ba957bb0f019d60666b6c ef5475471067303155827e5ffe5fbc11df1f3e1a7d5d3de03954c3f0327c0b29 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.0	43 kB	2023-03-08	2024-03-04
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-03-04 09:49:35 Times Seen118 Hash 4f3146d8fc678b718f1b7ad07292455d 69fba0deea0d36d39a4a9aa4611d293bad3a671d 59c3d3d0b50f56b9760ee59d09fdb21949b917015026542d88d9c22a070fc8d8 Loading...

	claimwell.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 14:29:05 Times Seen38024 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1	1.8 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-04-23 15:17:09 Times Seen3253 Hash 4d43b2fcb5ef3e6afdcd539f46148514 0ff4d5160beb004c439b20c6343044917c629d10 9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28 Loading...

	claimwell.com/	2.0 kB	2023-03-11	2023-03-11
Pretty URL claimwell.com/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:43:22 Last Seen2023-03-11 11:43:24 Times Seen1 Hash d7f2331d6b9f2caa6dde1a60ea5a55f2 b32f4e3accd9cdd6675035faac22707d9ce3efdb c8fa1610d6ea6cd09db90854e719d89a0fc763f4e209f6e78ff8661143db4b81 Loading...

	player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t=	200 B	2023-03-07	2023-12-19
Pretty URL player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2023-12-19 13:15:14 Times Seen10 Hash af8cc9e4334b181797ba45066b8ef4d8 c4c1b4ea678176597ae6720445f701d40bfda97d f675bde2f1e403c77205aa30dfe61dc90f15027df3679a79c4582cc804690783 Loading...

	f.vimeocdn.com/p/4.13.5/js/vendor.module.js	490 kB	2023-03-11	2023-03-11
Pretty URL f.vimeocdn.com/p/4.13.5/js/vendor.module.js IP 151.101.86.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:27:12 Last Seen2023-03-11 12:41:39 Times Seen1 Hash 946c7902977807bd24f3126c91a106ec 0eab773375a9713dd8c52898b856fed00c861407 5640a771b9584a5a3ad8e0b634451909b66b17e3596a9732d3d15395c169fc53 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfduXQdAAAAACZtlA_yNXJge96LetJz60Kz49r6&co=aHR0cHM6Ly9jbGFpbXdlbGwuY29tOjQ0Mw..&hl=en&type=v2_checkbox&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=light&size=normal&cb=s36egry5es5a	36 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfduXQdAAAAACZtlA_yNXJge96LetJz60Kz49r6&co=aHR0cHM6Ly9jbGFpbXdlbGwuY29tOjQ0Mw..&hl=en&type=v2_checkbox&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=light&size=normal&cb=s36egry5es5a IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:43:22 Last Seen2023-03-11 11:43:22 Times Seen1 Hash a6641f5c4b84749a30b58e2331219bcc 25ba9d80f9a0ec27477d871c36201caf0458c73c c36a84a78190fde9872dc813e22b5f341a922b7714f5152613be0dcec376fac5 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0	33 kB	2023-03-08	2024-03-19
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-03-19 21:41:36 Times Seen365 Hash e7034cc4a25a7e6912a857bdcfe45899 5b30046f597c18765062572a00e7221cc490b5f8 ab3426e035a4ecbad44e1352a8f7433d0dba2f1a5b72382e2af9eb00a17a798c Loading...

	claimwell.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.1.14	26 kB	2023-03-07	2024-03-27
Pretty URL claimwell.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.1.14 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:48:16 Last Seen2024-03-27 12:08:51 Times Seen43 Hash c0c6aa4e5df8fe37d06e16d942589ba9 16f90e2caa273a48eed5b9d39992011306284de5 e92fb6dc00e3c04e1f9af5a1554a33e2b3f2b1d7f9a9266066863a932437f0b9 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	11 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 15:32:39 Times Seen5352 Hash 4eee50ac6f4f364ba3a284d0753ddae3 a8e7e824e6824ae0b370ff36e2c07ca07276fae0 b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe Loading...

	claimwell.com/	927 B	2023-03-11	2023-03-11
Pretty URL claimwell.com/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:43:22 Last Seen2023-03-11 11:43:24 Times Seen1 Hash bebe22ad297fa1ce937a76719b225059 6d0e5dae4f1dec3f5b342b1a9f130445e553cc1f 217c93b61eb251b564f0476e2c89d0fe595761fa261374c778a4a8b04f817cb9 Loading...

	f.vimeocdn.com/js_opt/modules/utils/vuid.min.js	1.9 kB	2023-03-07	2024-04-22
Pretty URL f.vimeocdn.com/js_opt/modules/utils/vuid.min.js IP 151.101.86.109 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2024-04-22 22:56:20 Times Seen1353 Hash 83583a4061ddc27e8b6ee0dc269519cd 8b1c0acc28729208f640473eb5d8fb82c4ba3e15 c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a Loading...

	claimwell.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0	5.2 kB	2023-03-08	2024-03-31
Pretty URL claimwell.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:52 Last Seen2024-03-31 13:37:46 Times Seen160 Hash f0ec20191944f58a275e3c7d643f38c6 f8c59757ff502526429eae1ffe71ebc389b4a74b 11419ff9af708505354449e2cf7337b30a444b1eb923a1442cfa61742206af7b Loading...

	claimwell.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.2	11 kB	2023-03-11	2023-03-11
Pretty URL claimwell.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.2 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:38:10 Last Seen2023-03-11 11:43:24 Times Seen1 Hash 5689c58b8e3cd1782fd39dfcc7cbacaa 67e2b586581711f4bcacc3fafa79854b9728cbac f2b5fcc07fa30cc130cf4849210e0e56c7f7486200ad4ca7b004e77a2944968d Loading...

	claimwell.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-23 15:35:22 Times Seen30953 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LfduXQdAAAAACZtlA_yNXJge96LetJz60Kz49r6	178 B	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LfduXQdAAAAACZtlA_yNXJge96LetJz60Kz49r6 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:38:14 Last Seen2023-03-11 11:43:24 Times Seen1 Hash 3476b8670c4e33f8700603ce1531edfd 2ed360d7f373f9d0f9ecfd68afdcf53e802b1b67 d8947df1a305316ecfd97474a106fa614aaacfc9755b4d80c9469869eb43d6c9 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0	5.0 kB	2023-03-08	2024-03-19
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-03-19 21:41:35 Times Seen353 Hash f24a41ebe5fbe2440caff2972b7c3341 a58d0685eb8defda0252ce1620c5fef93d297ea0 dca573f6831bcc39828ef0c435568a4ff0980edefdfbcf52e15ff8566befb529 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.0	2.6 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-23 15:17:09 Times Seen11285 Hash 020e87460ce58802842e34a3aac97d83 d2eed5f7573c0bd640fb9f125b6bfedf43ebf9b9 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47 Loading...

	player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t=	15 kB	2023-03-11	2023-03-11
Pretty URL player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:43:22 Last Seen2023-03-11 11:43:22 Times Seen1 Hash e1a5eef3907e499caabcd4efe0b6f8df c86f8484a81cee8af2ea4caba86b9e64a0cfc321 80ec7ee62aaa201459fa8ce29e9a52fe989f438ed5a9d26c0c8e8cec36db0bc4 Loading...

	claimwell.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94	10 kB	2023-03-07	2024-04-21
Pretty URL claimwell.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-21 09:39:37 Times Seen2078 Hash f270dd1f483179fdcfb29ce5f91aea13 166661187a97f0b6b685ec4dbdff871e9824168f 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7 Loading...

	claimwell.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-22
Pretty URL claimwell.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-22 09:02:49 Times Seen3648 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t=	820 B	2023-03-08	2023-03-18
Pretty URL player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0#t= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:12 Last Seen2023-03-18 07:43:22 Times Seen1 Hash ef57c0109c58c2cbc1c0ef49652eb902 180b3bab67f413ffb480bd1eabfe0c66e2550b1a 5598f2690bcdf9b90ff7c652108104895b8e0f0346dd6cf425e4b36380a2a411 Loading...

	www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js	409 kB	2023-03-11	2023-03-11
Pretty URL www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:24:46 Last Seen2023-03-11 14:12:13 Times Seen1 Hash 5e4857e008de71aa0e33e9cd123d008e 307c748fabe2497c790a20dcacde300ff7e20749 fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f Loading...

	claimwell.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	25 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 15:17:11 Times Seen16570 Hash 046405de007ff73e52d17dab2af75258 887cfb8a9de27005875f6e1c1d1ead43bd0865c8 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020 Loading...

	claimwell.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.1.14	11 kB	2023-03-07	2024-03-27
Pretty URL claimwell.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.1.14 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:05 Last Seen2024-03-27 12:08:51 Times Seen64 Hash eeb5ce6b81552236bb1780997fc7c64b 7d0d8bdadfa4694eb4c016d2acc2a8b70211c151 be557052880037a1c160050458fc687e95a193799d58686f0e2eefc8b39f4f42 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 17:07:16 Times Seen37022799 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-207882829-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-207882829-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:43:22 Last Seen2023-03-11 11:43:24 Times Seen1 Hash 03b34ba2ae9279a0df8b861dacc064f4 dee3eadf0b9c46be1979acfaffeee6a17285beb4 34aa118caac0740117da0bde089ba9e4794255ccdc09e76099d5e05cbd6d6cc1 Loading...

	claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.js?ver=1631176832	2.1 kB	2023-03-08	2023-11-22
Pretty URL claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.js?ver=1631176832 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:57:59 Last Seen2023-11-22 05:19:00 Times Seen10 Hash b3ed2d2a48e64f5c3e5822e63af4ab3e e8082c0a2f2768c907ec9c463033ad6aeb84a6f6 e6fb53a1517b560c0e3c173ce39ed4f7a5520e08ebdf97273dded75a971684d4 Loading...

	claimwell.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3	4.9 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 10:05:23 Times Seen24376 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	claimwell.com/	68 B	2023-03-07	2024-04-23
Pretty URL claimwell.com/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 15:35:22 Times Seen22433 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	claimwell.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-23
Pretty URL claimwell.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 16:25:41 Times Seen52617 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	claimwell.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0	22 kB	2023-03-08	2024-03-31
Pretty URL claimwell.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:52 Last Seen2024-03-31 13:37:46 Times Seen175 Hash 640f6ba78342d98a181de1778c4a761f 30f2e35b7fce66756676e1edd7ecd833e7318e1a dedf00f95adadf2d612af384431bb49bb3c367eae2fb071581c1ac82a769428e Loading...

	claimwell.com/	298 B	2023-03-11	2023-03-11
Pretty URL claimwell.com/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:38:10 Last Seen2023-03-11 11:43:24 Times Seen1 Hash 98f9f827f8f2a4cfc40cc82f33a98740 047a4b8a53578df27a0051eb83c05dd6cd66eccf d3f51ac0e9755f8f4656a70cdd772d6a1e68b476bea2ae94be5f69236e086291 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfduXQdAAAAACZtlA_yNXJge96LetJz60Kz49r6&co=aHR0cHM6Ly9jbGFpbXdlbGwuY29tOjQ0Mw..&hl=en&type=v2_checkbox&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=light&size=normal&cb=s36egry5es5a	69 B	2023-03-07	2024-04-23
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfduXQdAAAAACZtlA_yNXJge96LetJz60Kz49r6&co=aHR0cHM6Ly9jbGFpbXdlbGwuY29tOjQ0Mw..&hl=en&type=v2_checkbox&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=light&size=normal&cb=s36egry5es5a IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-23 16:25:39 Times Seen99259 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - 103ad078266c4ffc0331b8ada72e3414	15 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 11:43:23 Last Seen2023-03-11 11:43:23 Times Seen1 Hash 103ad078266c4ffc0331b8ada72e3414 e8f527906ec7e12afc3fa0dd0cc383c58716847b 1cbce1215ed045aae217898b645ba59613cd25194f4db744cd48d04346073fb9 Loading...

	#2 Eval - 46183603a054f61e78d236cd32155e01	64 B	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen7 Hash 46183603a054f61e78d236cd32155e01 dd12f5d1b52edb18fcda3543fb3e986d462fc19a 9908576f4e1cce70106175d94488f9071022d3485f8a8ccf0655b399b318a7c4 Loading...

	#3 Eval - dd094b41102e445694a12d22f18a0a42	22 B	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen7 Hash dd094b41102e445694a12d22f18a0a42 60b620c007b5f0a0b23d1fe2f5000f6b8ee33e38 662748d1507b16ab56d1bceff58b8302eb43f21ce0de70b24b21b8ef39aeff35 Loading...

	#4 Eval - fba1b70efc8b76a94dba85c8cedda52c	16 kB	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen6 Hash fba1b70efc8b76a94dba85c8cedda52c 9be3e7cd439d0f20baa4f353e8c44a472195e796 d4be0587aacd19697ae508209e99aa30536e2b75393db507b1cd329131d8e19c Loading...

	#5 Eval - c2239b252cbc75a06b64813caea5b634	22 B	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen7 Hash c2239b252cbc75a06b64813caea5b634 864e590dcd20c840b49589a5f0d5a92af3226abf 355b9b382781cde432ccca7627a8fdecad5040be2910428d5fc5b4b57fed949b Loading...

HTTP Transactions (119)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9425
Expires: Mon, 14 Nov 2022 00:30:24 GMT
Date: Sun, 13 Nov 2022 21:53:19 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1e969be0f3201087da138cbc8b89f10
d0a27f525f2b242b5dafa157f126c2ba880c8809
f7e5f39372b5adcc30c27e727eee1b19e6d13ed1b54fa1ad67235dc8ee08ac51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5917
Cache-Control: max-age=137799
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:19 GMT
Etag: "6370c779-1d7"
Expires: Tue, 15 Nov 2022 12:09:58 GMT
Last-Modified: Sun, 13 Nov 2022 10:31:21 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3999
Expires: Sun, 13 Nov 2022 22:59:58 GMT
Date: Sun, 13 Nov 2022 21:53:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 13 Nov 2022 21:44:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 549
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 4YWZlLWpWlMDHFInSKUKuitwjSS5/ZyuZsxKJdI3MJTkg3Zl4U/Ynexwqhn5EL9fTc8TrWB41WY=
x-amz-request-id: 7YP7W2NCR3BN46Q5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 13 Nov 2022 21:13:35 GMT
age: 2384
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 13 Nov 2022 21:53:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.claimwell.com/

151.101.130.159

301 Moved Permanently

162 B

URL HTTP/1.1
www.claimwell.com/
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://claimwell.com/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: ogapwyqe2r
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Sun, 13 Nov 2022 21:53:19 GMT
X-Served-By: cache-bma1663-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1668376399.996087,VS0,VE361
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 13 Nov 2022 21:25:00 GMT
cache-control: public,max-age=3600
age: 1699
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0a9a357f652868f9317812b8103ba15d
95a90c7a07b591dce7f39c6f9ab27974d1a1ed2a
16fd52c7ee6806455e724f30af8d58630a141a8a3823c48c20b5da3a71f066da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5041
Cache-Control: max-age=131854
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:19 GMT
Etag: "6370b3ac-1d7"
Expires: Tue, 15 Nov 2022 10:30:53 GMT
Last-Modified: Sun, 13 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.77.40

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.77.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yT2ylWKZfwHjqcW27d52dw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hplk0Nq6ZVV4nJnviXSi4M3AvuU=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8307
Expires: Mon, 14 Nov 2022 00:11:48 GMT
Date: Sun, 13 Nov 2022 21:53:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8307
Expires: Mon, 14 Nov 2022 00:11:48 GMT
Date: Sun, 13 Nov 2022 21:53:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8307
Expires: Mon, 14 Nov 2022 00:11:48 GMT
Date: Sun, 13 Nov 2022 21:53:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8307
Expires: Mon, 14 Nov 2022 00:11:48 GMT
Date: Sun, 13 Nov 2022 21:53:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:45:57 GMT
age: 444
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f558ca-3fcd-40ca-bb1c-ef126918959d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4122 bytes)
Hash
69f064e6ea676998a7371ceb25a310ed
91e8debd93ce098249d973807859993bd19bff62
2b12427099bccbdfaeb01104ce99185f91846f7112a4cf201481a300e1851e8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f558ca-3fcd-40ca-bb1c-ef126918959d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4122
x-amzn-requestid: 9340162b-fc1e-4f3d-a45e-8ebd9a4875e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqHqxoAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-25a4e62a6f8e87d103e35953;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hmlaoE2J_B_cu-dW_vYP1UWAgnGKgjOtzdNsNfydANBkuc5q4L6_HA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 22:04:43 GMT
age: 85718
etag: "91e8debd93ce098249d973807859993bd19bff62"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11187 bytes)
Hash
4f181df0e475c123b46f016d3c0bbaa5
399ce32b1fdcdef9061bddb840663f35e39b919a
ed9ba753f718903cd997c027f58b63f41e32107367b22b03f964d7eecdf9ba16

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11187
x-amzn-requestid: 475229e1-bbb5-43a0-8733-1140a99b6b6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIaqFFrIAMF7KA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364baaa-4261a60e57ae0c4d7a62e5e9;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:09:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JN1YNJmiZpeJsUVH5sQhYw2rZbvvzxVrt2IgDxHro9z3CfcFeVCGg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 06:02:58 GMT
age: 57023
etag: "399ce32b1fdcdef9061bddb840663f35e39b919a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a09e7de-c2b9-4cf4-a032-cdce1be83c46.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7394 bytes)
Hash
bed1df7954a5380cf2c090a4a20e3035
32b8ed02d309d66ac642683470d5f799e22afeaf
7a4b252d81b5ee8a8904aeb572110e78d5ecc3e80c11ead3158d863784bcbff1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a09e7de-c2b9-4cf4-a032-cdce1be83c46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7394
x-amzn-requestid: 78860ce6-f1ce-40a6-a901-3630dcdd6c3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bekDRHb6oAMFU_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f4d47-1534ce03076a581f5721b4ba;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s7Qs5JcCh9H0SevsGfU4qw5PrtDxFPsa5o6HPXIuHHY7NzYcn8guAg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 86332
etag: "32b8ed02d309d66ac642683470d5f799e22afeaf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5149 bytes)
Hash
31a009393081c25d9afbde558a278ebf
bf8de6c00f579baa320456bd0e79ab80978008bc
90e81f6a10d3dbc56a45e9cfd65dbcd6bddf9e3ab526b4cca270bc2f26404950

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5149
x-amzn-requestid: 394f108e-48b9-4550-ab9f-5b4883792485
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIqfHOoIAMFlCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bb0f-648124d07e289043410f1dd0;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:11:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tW81M1o1m_OdLZJLg7dvgbaugRKYpHzHx-8R1g4YcGH74YnIquTuAQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 04:57:39 GMT
age: 60942
etag: "bf8de6c00f579baa320456bd0e79ab80978008bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7867 bytes)
Hash
26249508ef18eac51cf62cf6e90339a4
a9922959c532dd26f21bda4f74ee1fa8496e862e
25075ef6337bae8e60412cdca98afbae6aca61d889aadce4cbad4a8522f4c4b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7867
x-amzn-requestid: e05d4978-6f46-4395-8121-4d969a222328
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqFWIoAMF01A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-4033150d0180e56e2965e26e;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDkJ7OIcS3FiDPufRTj5VtL5CMxbNN2o2Zq50QQ9UNeDw4uE4j3jrw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 86332
etag: "a9922959c532dd26f21bda4f74ee1fa8496e862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

claimwell.com/

151.101.130.159

200 OK

47 kB

URL HTTP/2
claimwell.com/
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8489)
Size
47 kB (47352 bytes)
Hash
6102ac1da6a67ada31d6807ed0e826f8
be4a2a1b6fccde5a76e28239a7970d540957efed
9d18ae13d80d8f9d26a13172baf2821771c6eaf6af0046c094e1acd527e8941c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://claimwell.com/wp-json/>; rel="https://api.w.org/", <https://claimwell.com/wp-json/wp/v2/pages/3890>; rel="alternate"; type="application/json", <https://claimwell.com/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668376399.442299,VS0,VE2675
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 47352
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/formidable/css/formidableforms.css?ver=10242250

151.101.130.159

200 OK

10 kB

URL HTTP/2
claimwell.com/wp-content/plugins/formidable/css/formidableforms.css?ver=10242250
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (52279)
Size
10 kB (10150 bytes)
Hash
327656c6623189eb218b3a05b4a7ac28
021dce514a3506e9fcb547cbbcb6ceb08df69c4b
6fd36dfdab0fd0e28e65ff4818da4820c6acb6e9597ca17ef6e931ba853cba29

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/formidable/css/formidableforms.css?ver=10242250 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:50:53 GMT
etag: W/"635716cd-cc9c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.211801,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 10150
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/th-widget-pack/assets/icons/icons.css?ver=2.1.14

151.101.130.159

200 OK

8.6 kB

URL HTTP/2
claimwell.com/wp-content/plugins/th-widget-pack/assets/icons/icons.css?ver=2.1.14
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
8.6 kB (8578 bytes)
Hash
6dbc0f0655775fc588d0784519520f25
74db90c46ed1888978b16eb4d6505a64d2d29889
96cb95468d35fd20563225b3838ab15c7a12a18f03e8b87d1ce0235b6d722dfb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/th-widget-pack/assets/icons/icons.css?ver=2.1.14 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:49:55 GMT
etag: W/"63571693-d147"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.212077,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8578
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/th-widget-pack/css/global.css?ver=1666651795

151.101.130.159

200 OK

321 B

URL HTTP/2
claimwell.com/wp-content/plugins/th-widget-pack/css/global.css?ver=1666651795
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1621)
Size
321 B (321 bytes)
Hash
e42d16a433ebd4cfc77d6fb73dfaff9c
701b9f69df90a90570e72da552218fe9695cdf13
6eaa3417104d1fe73f61c14b4f46e5663b7b2a3babd76109ec504681ae280f00

HTTP Headers

GET /wp-content/plugins/th-widget-pack/css/global.css?ver=1666651795 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:49:55 GMT
etag: W/"63571693-656"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.212651,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 321
X-Firefox-Spdy: h2

claimwell.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

151.101.130.159

200 OK

14 kB

URL HTTP/2
claimwell.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43771)
Size
14 kB (13906 bytes)
Hash
1047dd6779111ec73736abd71a40fef9
e08643922ce9a1a488f2a72c0341807f59f7528e
d85287eacda4e97356cf1b53ec765e34c8913558d6fb485b334debf78c89a3bf

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15b64"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.213416,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13906
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13

151.101.130.159

200 OK

335 B

URL HTTP/2
claimwell.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
335 B (335 bytes)
Hash
844db2405eae764da7a0eff19010ea8e
1fffb2a992d9fa84f0ea5a7afcbbdefbc59e238c
6421a7f673a09c660f6de4c37a4ac770239bac9ad46b87c75fdee466f09553c8

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:49:39 GMT
etag: W/"63571683-308"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.213951,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 335
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.8.0

151.101.130.159

200 OK

967 B

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (13766)
Size
967 B (967 bytes)
Hash
85c186d70976153b68df9fac46944882
ffc8003843cfdb2e6062cf4289d8db213b7497c7
519b04684c2ced5330630bdf9a688c3dfb26c3a9677064a3384c49cc224c2d02

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:32 GMT
etag: W/"636147c8-35ed"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.214586,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 967
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.0

151.101.130.159

200 OK

24 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65497)
Size
24 kB (23565 bytes)
Hash
3c3a7fde2c8c53f39bc2291f6abf140d
73ec7f561448784f9776dd954b7e9e0b8b8b82a5
da82ebd0bf834cfa45fc99db134763c67f27c4c756201288ae52ea686c4c18df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:32 GMT
etag: W/"636147c8-27687"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.215188,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23565
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2

151.101.130.159

200 OK

876 B

URL HTTP/2
claimwell.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3432)
Size
876 B (876 bytes)
Hash
1485a50ba7eb9b0552c47212ac9e1f8d
20114142c5961b11782d0473d7eddbb5ea2fe857
036dc37c7c15dd4c5666eb283a674fe5eab437db700916680cdc59082b40810e

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:49 GMT
etag: W/"636147d9-d69"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.215712,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 876
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

151.101.130.159

200 OK

4.3 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (19233)
Size
4.3 kB (4343 bytes)
Hash
604fd8fa6bb661c05803395e60da945e
5026347d7d843b0cf1d969674dcce39fa798f1f6
1cde42ac7a1ff03a443a2ab4d73fefc03c962aea0f9f3745256d9f3eef2d1d8b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-4b4f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.216857,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4343
X-Firefox-Spdy: h2

claimwell.com/wp-content/uploads/elementor/css/post-465.css?ver=1667319843

151.101.130.159

200 OK

473 B

URL HTTP/2
claimwell.com/wp-content/uploads/elementor/css/post-465.css?ver=1667319843
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1726), with no line terminators
Size
473 B (473 bytes)
Hash
2c31fb561e68949df39926d64829cbc0
1708a86fd4b7a328222cc257e0152a4b4c52acd4
5fbd8f2754092f0c96ddf8c4df98a2f4b303ef07fa7cb3f197d1b0a195127847

HTTP Headers

GET /wp-content/uploads/elementor/css/post-465.css?ver=1667319843 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:24:03 GMT
etag: W/"63614823-6be"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.219843,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 473
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.0

151.101.130.159

200 OK

4.6 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (26516)
Size
4.6 kB (4632 bytes)
Hash
374f31e96b90b8ae2792847d6f03ad7a
70735fd696d11f13de395e43c81b026d9c86528e
1192a2e289e37356ef9077427b1cd1ca3b950dd95f163459bc9c16f679989088

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-684e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.219755,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4632
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.8.0

151.101.130.159

200 OK

53 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65493)
Size
53 kB (53064 bytes)
Hash
43cb961ce14b870c73851b62422e1969
796c81ab818410e4f123d7791c869bb4f091c5a3
6abf269f3316b1f09660d9408aafd7601f07d987ea20156fe7f1db5396745ed4

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:42 GMT
etag: W/"636147d2-78bee"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.219807,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 53064
X-Firefox-Spdy: h2

claimwell.com/wp-content/uploads/elementor/css/post-3890.css?ver=1667319926

151.101.130.159

200 OK

4.9 kB

URL HTTP/2
claimwell.com/wp-content/uploads/elementor/css/post-3890.css?ver=1667319926
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (49467), with no line terminators
Size
4.9 kB (4867 bytes)
Hash
9dae52c44237edf9b84b46bff73adc4c
97b3af59ccef18bd6674adcf61b285ff1b29f8f0
ee1a695e0b5a07871958b3bd1b53aa575fcac14cd0a3a88fe3904c96af0c8285

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-3890.css?ver=1667319926 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:25:26 GMT
etag: W/"63614876-c13b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.219956,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4867
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/frontend.css?ver=2.1.14

151.101.130.159

200 OK

10 kB

URL HTTP/2
claimwell.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/frontend.css?ver=2.1.14
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (1646)
Size
10 kB (10454 bytes)
Hash
66108675e6ad3f63704e02654048874c
14c327d135aab85d7a9e0ab0b5873083eca7f0d0
f0c5bd1483c4986014973afd3f1fbcb8aaf750a4b560608c7cb8e6a06efd5659

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/frontend.css?ver=2.1.14 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:49:55 GMT
etag: W/"63571693-13c18"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.220264,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 10454
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13

151.101.130.159

200 OK

9.6 kB

URL HTTP/2
claimwell.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (1646)
Size
9.6 kB (9576 bytes)
Hash
eedfe054bcb463863781057ab6f69abb
448c2e7bab71dc8312c51536855e702b0eb9c515
88d7bd229f33e561df4a16846334228f0183334ab25813ee8022bd4fdb045867

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:49:39 GMT
etag: W/"63571683-127a4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.220901,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9576
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/header-footer-elementor.css?ver=2.1.14

151.101.130.159

200 OK

456 B

URL HTTP/2
claimwell.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/header-footer-elementor.css?ver=2.1.14
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
456 B (456 bytes)
Hash
ed50d0b8f686c12f99af00f219a76b85
fab2c67ea39365dde11acbeda939187db4eedb8b
98c0713ed54c191d8a0868b6a6f103b133a81c2593758ed71cabcbb700423106

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/th-widget-pack/header-footer/assets/css/header-footer-elementor.css?ver=2.1.14 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:49:55 GMT
etag: W/"63571693-4c6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.222006,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 456
X-Firefox-Spdy: h2

claimwell.com/wp-content/uploads/elementor/css/post-5004.css?ver=1667319981

151.101.130.159

200 OK

3.1 kB

URL HTTP/2
claimwell.com/wp-content/uploads/elementor/css/post-5004.css?ver=1667319981
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (11072)
Size
3.1 kB (3119 bytes)
Hash
925a76356addac87430f5bbb1a45a575
cf44e04548456d25eb9af9d884a56c072eb1d468
e4d6e25f69067d9a972e15e1e39f49b8641d9b236faf99237298f3bef26d115f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-5004.css?ver=1667319981 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:26:21 GMT
etag: W/"636148ad-85b2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.223414,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3119
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.0

151.101.130.159

200 OK

14 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (59158)
Size
14 kB (14284 bytes)
Hash
25b37bc500e807c9f09d41f36d06a3ad
008541e3bc221a9e0cfa873248ee4dc05b563d8e
1033a30450338e77b9c322f9ae9ad68b50f801272bef293933d6135f9126aa13

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-e7d0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.219904,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14284
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

151.101.130.159

200 OK

7.8 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (30837)
Size
7.8 kB (7780 bytes)
Hash
73e38ca778aab03265ab5c8c5922b3d3
d55aa22c1227719a6a5239b5f2c0251fc563d7e0
0d49cde3035dbb3baf30ac0e801b8a21175072224f0192675dabeda3b7159814

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-7917"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.224170,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7780
X-Firefox-Spdy: h2

claimwell.com/wp-content/themes/stratusx/assets/css/app.css?ver=1

151.101.130.159

200 OK

54 kB

URL HTTP/2
claimwell.com/wp-content/themes/stratusx/assets/css/app.css?ver=1
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (64784)
Size
54 kB (54340 bytes)
Hash
b2a3c4cd86a0bb706664510786d694e9
a7a2630965f395757ed0103d2567277947475b03
70f9fc283cde3260f98401c7aea5dafa6dba243a6b9f6fa6131f611a430c3f27

HTTP Headers

GET /wp-content/themes/stratusx/assets/css/app.css?ver=1 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 22 Nov 2021 21:02:06 GMT
etag: W/"619c054e-44269"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.224923,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 54340
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3

151.101.130.159

200 OK

311 B

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (489)
Size
311 B (311 bytes)
Hash
c58b23e189e3c7cf45cb7014e704d05b
e6850968edf763aafe862a226a0a3380f4827488
6ba81ab0941a10e6bb1a48b83f30ddaedba974c6609bec7210d9a27e4b3ef38d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-2a3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.237544,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 311
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

151.101.130.159

200 OK

34 kB

URL HTTP/2
claimwell.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65447)
Size
34 kB (34060 bytes)
Hash
22b0253c0ecce70e41e296d176b0d972
a161c363d2092739db21bfeb2cf23c980ec71580
181967b7928e133789c8edbb8bdcb73d44a0328d884b613f8ebfb182b4c3c52e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15db1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.237501,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34060
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

151.101.130.159

200 OK

14 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57726)
Size
14 kB (13975 bytes)
Hash
2f0b07689b34366c1b04e9c84cc2b54c
0a49469573f7add891658c75253a4b68953925e5
6bddc997475f4020265128478b59384b44792a0f986d6a04cd79722b99f2f55f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-e238"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.237623,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13975
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

151.101.130.159

200 OK

312 B

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (483)
Size
312 B (312 bytes)
Hash
1a5f57a3c279130e5385dc23c63480ca
495d0b9326b42d552932276b815779bbc09d7083
6f5b533f1629e50e5fe7e2e9ede37072b0f9d65e439d0d56d43daa4373d1d745

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-29d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.237587,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 312
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3

151.101.130.159

200 OK

310 B

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (491)
Size
310 B (310 bytes)
Hash
c62d5dcd85da44a1dfb134f50da09157
7ad9087d70136a8e584331db02048d13f8b95e82
ab305466b8f11236d52c021823260b82c195c627e6323e7079a8a7c733335f03

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-2a5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.237562,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 310
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0

151.101.130.159

200 OK

2.3 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4918)
Size
2.3 kB (2252 bytes)
Hash
9f4f8167378b3647579db7fdcd32222c
f39aed2f852126793181def8995a2f775b01e909
6e6e245457169f9ef416988e1569a55f965c750dda363ae567bd285a076ea6c9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:32 GMT
etag: W/"636147c8-135d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.269949,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2252
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0

151.101.130.159

200 OK

12 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (32907)
Size
12 kB (11599 bytes)
Hash
85b9957cfe29d6b964ee7d5fe7a721e5
2a7ceee62c538ed2cf691c1a63c1b39e86f45642
eb64e609ea8c352fee372f74c1cea32033a25051f1d3fd41d0dd57a6f199f786

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:32 GMT
etag: W/"636147c8-80b3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.269886,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 11599
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0

151.101.130.159

200 OK

2.4 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (5191)
Size
2.4 kB (2439 bytes)
Hash
9a1f831972cf36eee6e2db70b9700bc4
0b5cbaed4bbae8e325a10b66afb502d025f7a297
fdfd0da5acc22a7dae57774bbee36b0c85ba3c7a6f4fab18a1773ccb1e17fe89

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:43 GMT
etag: W/"636147d3-1472"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.269956,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2439
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

151.101.130.159

200 OK

7.9 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (25115)
Size
7.9 kB (7921 bytes)
Hash
980e80ed6ddbdc9807aea533c70bb286
5740cc3f4f32e6c07083b160e5e729ddca90b634
4a8490c04d4be66e5bb053e8f9483484cb5c798f93ef06f9f94aade11aa47533

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:43 GMT
etag: W/"636147d3-6272"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.269994,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7921
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.1.14

151.101.130.159

200 OK

3.3 kB

URL HTTP/2
claimwell.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.1.14
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
3.3 kB (3261 bytes)
Hash
aa423480c0248f90c164e37b73c1b1a5
ceb372bc26ddb3bd72a3a3beb5f6bf8f91df15da
d87417f4e43bd80bbe3f6ed9973ebe7b7e25c5d425b479e088f767099cb43d3b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.1.14 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 22:49:55 GMT
etag: W/"63571693-2b02"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270129,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3261
X-Firefox-Spdy: h2

claimwell.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.2

151.101.130.159

200 OK

3.8 kB

URL HTTP/2
claimwell.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text
Size
3.8 kB (3808 bytes)
Hash
c72620fb8f97d6bcf2e405ed3e3e6ab7
eb51b8f6f793f0e19996870943f7a7933e2ee6a6
582b18057eb11108c5082817e9f3a6857afb6f6d7e76f92407a1d94df5e0b06d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/stratusx/assets/js/main.js?ver=1.2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 22 Nov 2021 21:02:06 GMT
etag: W/"619c054e-2a55"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270060,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3808
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

151.101.130.159

200 OK

3.3 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.3 kB (3281 bytes)
Hash
e7e06a56acbe48a5e94540829d446734
a62e3d7ea0dbd0a3e771f419377882aee5512e67
42ba07f11715edb58a365296c32ae85230bb28f164a34f561f295cbceb1f5981

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-2fa6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270191,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3281
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

151.101.130.159

200 OK

1.9 kB

URL HTTP/2
claimwell.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (5477)
Size
1.9 kB (1946 bytes)
Hash
fcf12c7d3f5778470877aff26bdb3040
b8cc6b30eb49ef014651e6f22e4a33b74a3fde1e
2b6a1c6d97acd8b8f1460d8e4acbac8f911aa950c482ab794888f40c63fb2d6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15fd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270011,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1946
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2

151.101.130.159

200 OK

3.0 kB

URL HTTP/2
claimwell.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (8014), with no line terminators
Size
3.0 kB (3000 bytes)
Hash
44cf56521abf6feb68df54afd572fba9
a5ba5bfd8c5fef35992d180830102c2e208713fb
8c5ab0acb7b0de7851ab139751ca2b8f2c3a042d1b74eeb593047199c0e5d0fb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:49 GMT
etag: W/"636147d9-1f4e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270238,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3000
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

151.101.130.159

200 OK

4.4 kB

URL HTTP/2
claimwell.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (11126)
Size
4.4 kB (4405 bytes)
Hash
24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270408,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2

claimwell.com/wp-content/themes/stratusx/assets/js/vendor/vendor_footer.js?ver=1.2

151.101.130.159

200 OK

36 kB

URL HTTP/2
claimwell.com/wp-content/themes/stratusx/assets/js/vendor/vendor_footer.js?ver=1.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
36 kB (35932 bytes)
Hash
8fabaacc1c210aec94b2224eb0434878
54e630b5711d880f85b9640f04df89d9d200cef9
a2f4874e50eee01e2623ed6f20737b3e9207627d45a5ba16977ccdedd65d96f3

HTTP Headers

GET /wp-content/themes/stratusx/assets/js/vendor/vendor_footer.js?ver=1.2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 22 Nov 2021 21:02:06 GMT
etag: W/"619c054e-1d211"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270101,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 35932
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0

151.101.130.159

200 OK

2.9 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (10019)
Size
2.9 kB (2945 bytes)
Hash
6a41a891222b20ffa888a263dadd9541
0a60e8f24954286903a61455c3b5dee0aed7893e
66f99b0608e47e9e1ecd50287f529a11b830d7e561b52da7f697fd91d7995db0

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 01 Nov 2022 16:22:32 GMT
etag: W/"636147c8-4824"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270612,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2945
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1

151.101.130.159

200 OK

766 B

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1801), with no line terminators
Size
766 B (766 bytes)
Hash
d050f456fb3f3eca90330ceb0589fdb8
4ef5b7af377ec4750713019e9fd07a618805971e
d8ff1d2961e2c14d53dc5c32541e9ee2cd0addd6aa84958d6f24a6bd3c3d8d2d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-709"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270044,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 766
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0

151.101.130.159

200 OK

4.6 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (14869)
Size
4.6 kB (4631 bytes)
Hash
499ded81ca80920c1b3521598e259548
d6b47dce6475ee2b47e16ee211efab0e65b665ca
b7e9f78215fd2ffd092c2c5c456ade5e3f293b6411f6279caf40e3fb247b8fe1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-3acf"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270511,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4631
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.1.14

151.101.130.159

200 OK

4.2 kB

URL HTTP/2
claimwell.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.1.14
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
4.2 kB (4154 bytes)
Hash
fcddc76226a5d9daa33fa13cfd81a0dc
8204598ef91c5dd506ea28b13b2ee1826b115b3d
439623cc1a6b45a494093b92c6a5ae0a85cb7e2bbb46f7573ddf9a89a8161e18

HTTP Headers

GET /wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.1.14 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 22:49:55 GMT
etag: W/"63571693-6384"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270168,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4154
X-Firefox-Spdy: h2

claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.js?ver=1631176832

151.101.130.159

200 OK

868 B

URL HTTP/2
claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.js?ver=1631176832
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2104), with no line terminators
Size
868 B (868 bytes)
Hash
bec8f4b34456c4c3dcbf4937bbda8d8a
7f2093800079cf133a01ed4bd2684328582ea59b
1bee1a4a3c209617ad7f3cf6170a5fba8357e4f70ad621423a8c534dc0e22714

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/essential-addons-elementor/eael-3890.js?ver=1631176832 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 22:58:08 GMT
etag: W/"63571880-838"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270233,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 868
X-Firefox-Spdy: h2

claimwell.com/wp-content/uploads/2020/12/RRE-Ventures.png

151.101.130.159

200 OK

6.8 kB

URL HTTP/2
claimwell.com/wp-content/uploads/2020/12/RRE-Ventures.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 900 x 600, 8-bit colormap, non-interlaced\012- data
Size
6.8 kB (6770 bytes)
Hash
ca7f4f0b097551d79d49369a5f034f1a
d3875cc8c88a254cc544fe0da10d4f9eea096376
cfbe866f18aa9783cf6ee684d887e71292bff73f50fa73329a0a559a0bd621fc

HTTP Headers

GET /wp-content/uploads/2020/12/RRE-Ventures.png HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 22 Nov 2021 21:02:00 GMT
etag: W/"619c0548-1e6d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270723,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6770
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

claimwell.com/wp-content/uploads/2021/03/dollar-sign-circle.svg

151.101.130.159

200 OK

801 B

URL HTTP/2
claimwell.com/wp-content/uploads/2021/03/dollar-sign-circle.svg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1525), with no line terminators
Size
801 B (801 bytes)
Hash
e055afed172f07444a8754dd14ead516
3e6a2e9cb46e8f5ab04b1059b99ad8d04e43606e
5c5aaad0fbd414b6f7e5cd22ea20529c63ecd827c019f5675d6b1ff9de8e8205

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2021/03/dollar-sign-circle.svg HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Mon, 22 Nov 2021 21:01:41 GMT
etag: W/"619c0535-5f5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270444,VS0,VE10
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 801
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

151.101.130.159

200 OK

2.6 kB

URL HTTP/2
claimwell.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.6 kB (2581 bytes)
Hash
cba765ca076cb13c7678f0293fb8a3da
98430a0a3db9c19a16f6940750a6738c4d00f962
f68a3fba394baf3508e7987049a6037d9f3e212dc9698976df9fbeb5703379ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-194b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.302974,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2581
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

151.101.130.159

200 OK

7.6 kB

URL HTTP/2
claimwell.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
7.6 kB (7559 bytes)
Hash
2059fe073bfc62ce84fe8fc1f42d35a9
68038ff5383ffde15542f57782d7a53c8de8bb48
543dbc6a5dd60032fb9d74beef1f7ac5f6cee543b6422b1f0928b9001d050eb8

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-4ac6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.303125,VS0,VE6
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7559
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3

151.101.130.159

200 OK

1.7 kB

URL HTTP/2
claimwell.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4875)
Size
1.7 kB (1736 bytes)
Hash
13d536181f99675ef7d13d91c86c24dd
c30ec279027b1dc05df149f3953b384f50a72a05
1192c8ec0e73df274d3ffb2302091f67d2a4fc15200a6fd138661dfd7cc2f222

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-132e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.311292,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1736
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94

151.101.130.159

200 OK

4.1 kB

URL HTTP/2
claimwell.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
data
Size
4.1 kB (4059 bytes)
Hash
feb20fa17603ebf83bd29bb99298c82f
1944c6bf9ad5f4283fcb221ada39438b8528f5a2
eeffaf3cad83f30cadd4a89d66fcc4ea8e929330625ab40c6ac8a651e41eb595

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-27ee"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.311938,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4059
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0

151.101.130.159

200 OK

6.3 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21624)
Size
6.3 kB (6308 bytes)
Hash
327334f1610e7beca3db87254e141ede
88aad29b5322ece8aa9c63c72d8a25e4744acf3c
cecef52015c8fd37983e2e1afab16a577ebd4c1c0fbd6b073a58be6f43c46c52

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:42 GMT
etag: W/"636147d2-54a3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.312026,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6308
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

151.101.130.159

200 OK

7.4 kB

URL HTTP/2
claimwell.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
7.4 kB (7442 bytes)
Hash
7070cf6c839a09af2a84f926dd2f95e1
2ac5f6312b4cc85f39804d4a61eeb00c2cced58e
ed584ebba9826c2d9fb5078ca275ce47d05b2a9a1f075e7493526fe7fe458c4c

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-50eb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.312547,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7442
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

151.101.130.159

200 OK

40 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65280)
Size
40 kB (40188 bytes)
Hash
9ed258a936a3d2ce45e94a8db42f9d31
6165e240ceb0f3dffff99e006e4bde5a5039cc9e
2a21ec91e4a5790ad487670a13f80e62d6d17b6725d13d0e23c33e10ddda2311

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-21f91"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.312615,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 40188
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.0

151.101.130.159

200 OK

1.2 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2620), with no line terminators
Size
1.2 kB (1163 bytes)
Hash
155e4f944ca10383b6595411b6dd9b73
7a350878d60b6574dc0b207ff5c40e9e1a833394
9b154543aa75cc39dced26c6e6cbc2e8f694299084b85c5ad35b489e3bcae14c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-a3c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.313274,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1163
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a635b6112e22763022c9bce0e9141fae
13ba9e635ad5bf7bb57c39a154eec28c4b326801
4b22d01fc2179a0a13fd70d7e80b98f0b865397af369c2dc03678b072b7f7e90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

claimwell.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

151.101.130.159

200 OK

3.7 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (10544)
Size
3.7 kB (3713 bytes)
Hash
79154440db11a2fce12d7466816f540b
6936f61c5ec9b0fbb2c22f5b0360144200eee413
f380628bae09ae5f189c9a3beadacd7e0f39606d086476bc21f76c8d69fef241

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: W/"636147c9-29ba"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.319414,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3713
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0

151.101.130.159

200 OK

13 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (40474)
Size
13 kB (13240 bytes)
Hash
4f77ab858523d1d3443d76a569cea6d2
eebca9a6d6c00a7f0db1f14678e3d2598de09ab1
11109fd617951d02cbaccfd9cc2773f0161e41d34169102b330051d23d280f25

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:32 GMT
etag: W/"636147c8-9e41"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.360945,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13240
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.0

151.101.130.159

200 OK

14 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43101)
Size
14 kB (14251 bytes)
Hash
cc1be579a6292ef0bfc7d812f432b738
5592e611fce34c3936a392d9a879476574569bf2
460826e1e23dda3d67c25eaa1ff89a4054f345cfdc60a6e6aecd433bdca1ba09

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:32 GMT
etag: W/"636147c8-a884"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.391292,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14251
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-207882829-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-207882829-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43680 bytes)
Hash
7946ae6e272e9198e8f3bad80b04a79a
0a5617aedd0a2e206e1ac87850528ef1b501293c
0ecc925a2b0eddbcc7b014ba46853024b24ea7590dfa90d6afc653971e31a32c

HTTP Headers

GET /gtag/js?id=UA-207882829-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claimwell.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 13 Nov 2022 21:53:22 GMT
expires: Sun, 13 Nov 2022 21:53:22 GMT
cache-control: private, max-age=900
last-modified: Sun, 13 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.0

151.101.130.159

200 OK

1.7 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3808)
Size
1.7 kB (1654 bytes)
Hash
3dced5421d2d005599ac20da0c49316f
8cfdfe1cc93dd6be5ad99c901d89e428acf7b051
e8554340ba7e8c478bf02d5c81b08bae64cf670b8b8bb2301482b3ac0fce36e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.8.0 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 01 Nov 2022 16:22:43 GMT
etag: W/"636147d3-ee1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.391369,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1654
X-Firefox-Spdy: h2

claimwell.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

151.101.130.159

200 OK

5.5 kB

URL HTTP/2
claimwell.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (15660)
Size
5.5 kB (5515 bytes)
Hash
17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-48b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: ogapwyqe2r
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.481554,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5515
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8407d0e10edccb49f0046879825b7141
c9c4dcfc9e674053ed246cc99500d4dd10065bce
9e41f526c12734040e62aac8d4b8b093f60977d9b00feb10e81f78db19de8c26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.css?ver=1631176832

151.101.130.159

200 OK

3.0 kB

URL HTTP/2
claimwell.com/wp-content/uploads/essential-addons-elementor/eael-3890.css?ver=1631176832
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (10267)
Size
3.0 kB (3026 bytes)
Hash
1ef8868a44fece784ed2780ecaf78d91
17cc90c5114099adf7e697a198376cdb8089297d
e9d84688dee5ffb6ae0ae3ed482ba082ee7a710c26b066cd2b977fa27ab2462a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/essential-addons-elementor/eael-3890.css?ver=1631176832 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 24 Oct 2022 22:58:08 GMT
etag: W/"63571880-43e1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668376402.216662,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3026
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fc3c340ec35ab7a79700a6b0e7aef096
e61179b93cf0d957bacde0e8fa0a4aa4606ce2c6
6d32037eb6c34d6df90931b148100f7ec5f8cdd9b969a1e12396d8636b7dcca2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2255
Cache-Control: max-age=155731
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Etag: "63711bd6-117"
Expires: Tue, 15 Nov 2022 17:08:53 GMT
Last-Modified: Sun, 13 Nov 2022 16:31:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d4cw.woff

151.101.130.159

200 OK

21 kB

URL HTTP/2
claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d4cw.woff
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format, TrueType, length 21288, version 1.1\012- data
Size
21 kB (21288 bytes)
Hash
b551d1a78c967fb1e854393a1114520a
211b36882d860210b9f01b4874aa823bcebe01fe
022b648ed96398d5358f30a503535bf52438c841bfcbc573c232fb5fb8d4d45f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrcVIT9d4cw.woff HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff
last-modified: Sat, 23 Jul 2022 05:00:47 GMT
etag: "62db807f-5328"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.825459,VS0,VE3
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 21288
X-Firefox-Spdy: h2

claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff

151.101.130.159

200 OK

21 kB

URL HTTP/2
claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format, TrueType, length 20972, version 1.1\012- data
Size
21 kB (20972 bytes)
Hash
a326c47c3038ee95e834af4137354081
328ed7688bb9083e97c264b52d3068a6cf320a53
7b39693e5b25e6747c407920eaf32ace22b70c5753dc45b33e9a2885d297cfb9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d4cw.woff HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff
last-modified: Sat, 23 Jul 2022 05:00:47 GMT
etag: "62db807f-51ec"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.828293,VS0,VE1
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 20972
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

151.101.130.159

200 OK

13 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size
13 kB (13276 bytes)
Hash
f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: "636147c9-33dc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.829139,VS0,VE1
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13276
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

151.101.130.159

200 OK

77 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: "636147c9-12bdc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.836789,VS0,VE1
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 76764
X-Firefox-Spdy: h2

claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrcVIT9d4cw.woff

151.101.130.159

200 OK

21 kB

URL HTTP/2
claimwell.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrcVIT9d4cw.woff
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format, TrueType, length 20864, version 1.1\012- data
Size
21 kB (20864 bytes)
Hash
d872d08bbb5a11b339c5c14eda86f4de
858a15f9f63acd7c67741fe86f897477290306f1
d34f1dad21494ea58feed91aaef8cd744d0797f0fe60154d2c9856939f2be994

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrcVIT9d4cw.woff HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff
last-modified: Sat, 23 Jul 2022 05:00:47 GMT
etag: "62db807f-5180"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.834514,VS0,VE7
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 20864
X-Firefox-Spdy: h2

claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

151.101.130.159

200 OK

78 kB

URL HTTP/2
claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://claimwell.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 01 Nov 2022 16:22:33 GMT
etag: "636147c9-13174"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.828531,VS0,VE16
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 78196
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.195

200 OK

46 kB

URL HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size
46 kB (46524 bytes)
Hash
c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

HTTP Headers

GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claimwell.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 21:13:13 GMT
expires: Tue, 07 Nov 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 520809
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claimwell.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 16:40:18 GMT
expires: Fri, 10 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 277984
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0

162.159.138.60

200 OK

6.1 kB

URL HTTP/1.1
player.vimeo.com/video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0
IP
162.159.138.60:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20328), with no line terminators
Size
6.1 kB (6130 bytes)
Hash
c9f34deaec7abaa9003509d4b6ba6114
93d8286020edaf7693180df8a6f4dc734349d1bc
41bff0dd1b5ad7ba5937ed933bc861b6fc9f3c1c670ee6d01c5c69c394192cd0

HTTP Headers

GET /video/589397769?color&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claimwell.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 21:53:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Sun, 13 Nov 2022 22:03:23 GMT
x-host: player-685d5c6dfc-h7bpw
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-2
x-backend-proxy: playproxy3
x-bapp-server: player-685d5c6dfc-h7bpw
Age: 0
X-Served-By: cache-bma1671-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1668376403.830746,VS0,VE264
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=m8Jk_XwyZMk8V.qWzehM929k8gau.2xwUhL2fzlFVUs-1668376403-0-AWSraad11Ow+FRyEGrFLrHHfnd2EgM3fgm+pDM8fYmQjyOXMmrQ740xrIPD5Ef2b2c0/POCKyOwEr52qJNU5OEA=; path=/; expires=Sun, 13-Nov-22 22:23:23 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 769abd659b050afa-OSL
Content-Encoding: gzip

claimwell.com/wp-content/uploads/2020/10/cropped-fav-copy-192x192.png

151.101.130.159

200 OK

9.7 kB

URL HTTP/2
claimwell.com/wp-content/uploads/2020/10/cropped-fav-copy-192x192.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
9.7 kB (9704 bytes)
Hash
d3c44e20247335b2179a6171915428e8
f972cd225c17c070f8b1d989845e3fad5b59027e
d4fef434ff4efc0aeadeb237305f2beed46354d2eb76d3edcb30bde9cec0e314

HTTP Headers

GET /wp-content/uploads/2020/10/cropped-fav-copy-192x192.png HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Cookie: _ga_1FHZ4B327M=GS1.1.1668376401.1.0.1668376401.0.0.0; _ga=GA1.1.1683895976.1668376402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 22 Nov 2021 21:01:50 GMT
etag: W/"619c053e-25e6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.187794,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9704
X-Firefox-Spdy: h2

claimwell.com/wp-content/uploads/2020/10/cropped-fav-copy-32x32.png

151.101.130.159

200 OK

1.1 kB

URL HTTP/2
claimwell.com/wp-content/uploads/2020/10/cropped-fav-copy-32x32.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1108 bytes)
Hash
c1c1b2b58335b19f77acca96d694e04a
5c8dc142b7c14d84d08327156571ac3ee6edfcb8
3e397180ce16774fc0a814fd3ddfadfd2875bdb0413cfdea17ae80980747687f

HTTP Headers

GET /wp-content/uploads/2020/10/cropped-fav-copy-32x32.png HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Cookie: _ga_1FHZ4B327M=GS1.1.1668376401.1.0.1668376401.0.0.0; _ga=GA1.1.1683895976.1668376402
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 22 Nov 2021 21:01:48 GMT
etag: W/"619c053c-43a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376403.187745,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1108
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claimwell.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 13 Nov 2022 20:41:09 GMT
expires: Sun, 13 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 4334
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.13.5/css/player.css

151.101.86.109

200 OK

21 kB

URL HTTP/2
f.vimeocdn.com/p/4.13.5/css/player.css
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65495)
Size
21 kB (20765 bytes)
Hash
a11050ea930072aae656110ff118f9e1
785248bd4ca0f74d57beaaa380dcc25d37ec3ea7
006a7da32d89a5dd2b7383c0d5c5704b3adb61ff0d94a4c951dbcfa7e1d7de8c

HTTP Headers

GET /p/4.13.5/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
age: 269422
x-served-by: cache-iad-kcgs7200125-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 54, 56112
x-timer: S1668376403.232066,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20765
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (668)
Size
163 kB (162590 bytes)
Hash
70dc760a0efad09d703883a39f7683b2
2bc70f2a100ff27d27a89d563dfe279590c8336b
2bc59eab94309c59fba62afa40dfd841fb83760714e9ec7248ce3e10ae05fd19

HTTP Headers

GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimwell.com
Connection: keep-alive
Referer: https://claimwell.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Nov 2022 09:37:41 GMT
expires: Mon, 13 Nov 2023 09:37:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 44142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1196879566&t=pageview&_s=1&dl=https%3A%2F%2Fclaimwell.com%2F&ul=en-us&de=UTF-8&dt=Claimwell%20Homepage%20-%20Claimwell%20Technologies%20Inc.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACUABBAAAACAAI~&jid=280578442&gjid=1119738035&cid=1683895976.1668376402&tid=UA-207882829-1&_gid=824422944.1668376402&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=1821345513

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1196879566&t=pageview&_s=1&dl=https%3A%2F%2Fclaimwell.com%2F&ul=en-us&de=UTF-8&dt=Claimwell%20Homepage%20-%20Claimwell%20Technologies%20Inc.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACUABBAAAACAAI~&jid=280578442&gjid=1119738035&cid=1683895976.1668376402&tid=UA-207882829-1&_gid=824422944.1668376402&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=1821345513
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&aip=1&a=1196879566&t=pageview&_s=1&dl=https%3A%2F%2Fclaimwell.com%2F&ul=en-us&de=UTF-8&dt=Claimwell%20Homepage%20-%20Claimwell%20Technologies%20Inc.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACUABBAAAACAAI~&jid=280578442&gjid=1119738035&cid=1683895976.1668376402&tid=UA-207882829-1&_gid=824422944.1668376402&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=1821345513 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://claimwell.com
Connection: keep-alive
Referer: https://claimwell.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://claimwell.com
date: Sun, 13 Nov 2022 21:53:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.13.5/js/player.module.js

151.101.86.109

200 OK

115 kB

URL HTTP/2
f.vimeocdn.com/p/4.13.5/js/player.module.js
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65445)
Size
115 kB (114733 bytes)
Hash
e57b36dc9ce32f4e1214ea3143670242
f37f92dc0a44270a2aa7af305b0f9f31653c770a
eba14fcc2c850bc00753e7a4c7a2a0a854e31513be1eb1db3af5ebbb3a4b9f46

HTTP Headers

GET /p/4.13.5/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
age: 269421
x-served-by: cache-iad-kcgs7200028-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 41244
x-timer: S1668376403.261446,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 114733
X-Firefox-Spdy: h2

i.vimeocdn.com/video/1219014661-b59af950472ff0b4589785bb9aa42f144546b53c9f16bde5838d0dae294e03b5-d.jpg?mw=80&q=85

151.101.86.109

200 OK

1.6 kB

URL HTTP/2
i.vimeocdn.com/video/1219014661-b59af950472ff0b4589785bb9aa42f144546b53c9f16bde5838d0dae294e03b5-d.jpg?mw=80&q=85
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x45, components 3\012- data
Size
1.6 kB (1638 bytes)
Hash
dd2e8d0bcec3ac56770f6d710ff9b0f9
ff8aa2c37f9141b48819e585ca2f6b2f1d8c3671
a934a0643457b544605ab7b7f371df5e87a0be328b424b2306c9a060e214c7a2

HTTP Headers

GET /video/1219014661-b59af950472ff0b4589785bb9aa42f144546b53c9f16bde5838d0dae294e03b5-d.jpg?mw=80&q=85 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
etag: dd2e8d0bcec3ac56770f6d710ff9b0f9
x-viewmaster-lossless-format: lossy
viewmaster-server: viewmaster-us-central1-17wp
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
age: 575994
x-served-by: cache-dfw-kdfw8210053-DFW, cache-bma1624-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 26, 0
x-timer: S1668376403.247069,VS0,VE120
content-length: 1638
X-Firefox-Spdy: h2

f.vimeocdn.com/p/4.13.5/js/vendor.module.js

151.101.86.109

200 OK

118 kB

URL HTTP/2
f.vimeocdn.com/p/4.13.5/js/vendor.module.js
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65457)
Size
118 kB (118007 bytes)
Hash
66bced457b2317fba8f2e87d5038d60f
faa24fe9ace29e87fa6c25de87b945567a09a373
a398b5002796714bec3f3d1e6602206b1c0697213a65fc73f5fc8ecfdd05fd92

HTTP Headers

GET /p/4.13.5/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
age: 269421
x-served-by: cache-iad-kcgs7200034-IAD, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 45, 53970
x-timer: S1668376403.392486,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 118007
X-Firefox-Spdy: h2

import.themovation.com/stratus/wp-content/uploads/2019/03/Shape3.png

174.138.58.92

200 OK

13 kB

URL HTTP/1.1
import.themovation.com/stratus/wp-content/uploads/2019/03/Shape3.png
IP
174.138.58.92:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 1662 x 582, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (13074 bytes)
Hash
a7ea4208cc8cced7ff1868df363a71bc
184bf2a31e994a655dbec8c32bc296e44707c0b0
3bdd2bc0689f4818d379dbf1f1c39ab6e63b06a935109349ba03f613465473a2

HTTP Headers

GET /stratus/wp-content/uploads/2019/03/Shape3.png HTTP/1.1
Host: import.themovation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claimwell.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 21:53:23 GMT
Server: Apache/2.4.51
Last-Modified: Tue, 12 Mar 2019 18:02:24 GMT
Accept-Ranges: bytes
Content-Length: 13074
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

151.101.86.109

200 OK

997 B

URL HTTP/2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1839)
Size
997 B (997 bytes)
Hash
3d2ec727486c897591d751098283c68f
7b2b2e59063caf74de6bf2c96bffb68b748f257d
10c72391adec6fe62bb10a273adff205864ceafcc63c664bcc4eb7902481ba8b

HTTP Headers

GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
age: 2176565
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
x-cache-hits: 139, 184180
x-timer: S1668376404.561639,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2

i.vimeocdn.com/video/1219014661-b59af950472ff0b4589785bb9aa42f144546b53c9f16bde5838d0dae294e03b5-d?mw=500&mh=281

151.101.86.109

200 OK

12 kB

URL HTTP/2
i.vimeocdn.com/video/1219014661-b59af950472ff0b4589785bb9aa42f144546b53c9f16bde5838d0dae294e03b5-d?mw=500&mh=281
IP
151.101.86.109:0
ASN
#54113 FASTLY

File type
ISO Media, AVIF Image\012- data
Size
12 kB (11973 bytes)
Hash
7007955eb22828b5126be01fffd19ba4
25e67bf0782ac508ab96eda33f92ead55a8d16b5
5a1603bf43f004a9363669f296ad4b5a29b95c0b6c7e7300de39a53c54726eed

HTTP Headers

GET /video/1219014661-b59af950472ff0b4589785bb9aa42f144546b53c9f16bde5838d0dae294e03b5-d?mw=500&mh=281 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/avif
etag: 7007955eb22828b5126be01fffd19ba4
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-x3mk
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:23 GMT
age: 423019
x-served-by: cache-dfw-kdfw8210049-DFW, cache-bma1624-BMA
x-cache: miss, HIT, MISS
x-cache-hits: 4, 0
x-timer: S1668376404.574192,VS0,VE123
vary: Accept
content-length: 11973
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-1FHZ4B327M&gtm=2oeb90&_p=1196879566&gdid=dZTNiMT&cid=1683895976.1668376402&ul=en-us&sr=1280x1024&_s=1&sid=1668376401&sct=1&seg=0&dl=https%3A%2F%2Fclaimwell.com%2F&dt=Claimwell%20Homepage%20-%20Claimwell%20Technologies%20Inc.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-1FHZ4B327M&gtm=2oeb90&_p=1196879566&gdid=dZTNiMT&cid=1683895976.1668376402&ul=en-us&sr=1280x1024&_s=1&sid=1668376401&sct=1&seg=0&dl=https%3A%2F%2Fclaimwell.com%2F&dt=Claimwell%20Homepage%20-%20Claimwell%20Technologies%20Inc.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-1FHZ4B327M&gtm=2oeb90&_p=1196879566&gdid=dZTNiMT&cid=1683895976.1668376402&ul=en-us&sr=1280x1024&_s=1&sid=1668376401&sct=1&seg=0&dl=https%3A%2F%2Fclaimwell.com%2F&dt=Claimwell%20Homepage%20-%20Claimwell%20Technologies%20Inc.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimwell.com
Connection: keep-alive
Referer: https://claimwell.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://claimwell.com
date: Sun, 13 Nov 2022 21:53:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/QNGijQL5IyE

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23a77d15bfbd798115a215f6c306fd1c
49c944db5d3e2cba3f945bf0688c35338cea5f90
084f7faacf892157f23b229692ef2df5c10326b35bb1dd1d378c96369411e25e

HTTP Headers

POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/QNGijQL5IyE

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23a77d15bfbd798115a215f6c306fd1c
49c944db5d3e2cba3f945bf0688c35338cea5f90
084f7faacf892157f23b229692ef2df5c10326b35bb1dd1d378c96369411e25e

HTTP Headers

POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fresnel.vimeocdn.com/add/player-test-impression?beacon=1

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Nov 2022 21:53:24 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0c48e262cd450d7f0f4b54409b8279ea32bd02fa1668376403

34.120.202.204

200 OK

0 B

URL HTTP/2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=0c48e262cd450d7f0f4b54409b8279ea32bd02fa1668376403
IP
34.120.202.204:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /add/player-stats?beacon=1&session-id=0c48e262cd450d7f0f4b54409b8279ea32bd02fa1668376403 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1423
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Sun, 13 Nov 2022 21:53:24 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/QNGijQL5IyE

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23a77d15bfbd798115a215f6c306fd1c
49c944db5d3e2cba3f945bf0688c35338cea5f90
084f7faacf892157f23b229692ef2df5c10326b35bb1dd1d378c96369411e25e

HTTP Headers

POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 21:53:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://claimwell.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 13 Nov 2022 21:53:22 GMT
date: Sun, 13 Nov 2022 21:53:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

claimwell.com/wp-content/uploads/2020/12/Claimwell-Logo-Transparent-Large-1.png

151.101.130.159

200 OK

0 B

URL HTTP/2
claimwell.com/wp-content/uploads/2020/12/Claimwell-Logo-Transparent-Large-1.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/12/Claimwell-Logo-Transparent-Large-1.png HTTP/1.1
Host: claimwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://claimwell.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 22 Nov 2021 21:02:00 GMT
etag: W/"619c0548-1bcee"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: ogapwyqe2r
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Sun, 13 Nov 2022 21:53:22 GMT
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668376402.270618,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 104230
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (54)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations