Overview

URLmamedov.nl/
IP 67.227.213.69 (United States)
ASN#32244 LIQUIDWEB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 23:18:04 UTC
StatusLoading report..
IDS alerts0
Blocklist alert14
urlquery alerts No alerts detected
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (2) 86 No data No data 93.184.220.29
push.services.mozilla.com (1) 2140 No data No data 52.41.253.170
fonts.gstatic.com (2) 0 No data No data 216.58.207.195 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (2) 8877 No data No data 142.250.74.10
img-getpocket.cdn.mozilla.net (6) 1631 No data No data 34.120.237.76
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 No data No data 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
mamedov.nl (20) 0 No data No data 67.227.213.69 Unknown ranking
ocsp.pki.goog (7) 175 No data No data 142.250.74.3

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 mamedov.nl/ Phishing
2022-11-25 2 mamedov.nl/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ve (...) Phishing
2022-11-25 2 mamedov.nl/wp-content/uploads/elementor/css/post-8.css?ver=1656411262 Phishing
2022-11-25 2 mamedov.nl/wp-content/uploads/blocksy/css/global.css?ver=05024 Phishing
2022-11-25 2 mamedov.nl/wp-includes/css/classic-themes.min.css?ver=1 Phishing
2022-11-25 2 mamedov.nl/wp-content/uploads/elementor/css/post-35.css?ver=1656408966 Phishing
2022-11-25 2 mamedov.nl/ Phishing
2022-11-25 2 mamedov.nl/wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=1.8.38 Phishing
2022-11-25 2 mamedov.nl/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.38 Phishing
2022-11-25 2 mamedov.nl/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Phishing
2022-11-25 2 mamedov.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Phishing
2022-11-25 2 mamedov.nl/wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.38 Phishing
2022-11-25 2 mamedov.nl/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ve (...) Phishing
2022-11-25 2 mamedov.nl/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?v (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 67.227.213.69
Date UQ / IDS / BL URL IP
2022-11-25 23:18:04 +0000 0 - 0 - 14 mamedov.nl/ 67.227.213.69
2022-11-25 22:03:56 +0000 0 - 0 - 15 mamedov.nl/ 67.227.213.69


Last 5 reports on ASN: LIQUIDWEB
Date UQ / IDS / BL URL IP
2023-02-07 08:21:40 +0000 0 - 5 - 0 www.survival.life/ 67.225.195.92
2023-02-07 07:24:35 +0000 0 - 0 - 1 v4.hp1001.com/html/4_6115.html 72.52.179.174
2023-02-07 07:21:36 +0000 0 - 0 - 2 hincllc.com/wp-admin/network/RE0652E/netcor/2 (...) 67.225.143.167
2023-02-07 05:58:08 +0000 0 - 0 - 2 granplastic.com.mx/ 67.227.206.106
2023-02-07 04:05:24 +0000 0 - 3 - 0 insure.integrityfirstins.biz/ 69.167.169.59


Last 2 reports on domain: mamedov.nl
Date UQ / IDS / BL URL IP
2022-11-25 23:18:04 +0000 0 - 0 - 14 mamedov.nl/ 67.227.213.69
2022-11-25 22:03:56 +0000 0 - 0 - 15 mamedov.nl/ 67.227.213.69


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-25 22:03:56 +0000 0 - 0 - 15 mamedov.nl/ 67.227.213.69

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (51)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4836
Expires: Sat, 26 Nov 2022 00:38:29 GMT
Date: Fri, 25 Nov 2022 23:17:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2695
Cache-Control: max-age=129496
Date: Fri, 25 Nov 2022 23:17:53 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:16:09 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8110
Expires: Sat, 26 Nov 2022 01:33:03 GMT
Date: Fri, 25 Nov 2022 23:17:53 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 22:19:10 GMT
cache-control: public,max-age=3600
age: 3523
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: XAcTDmZtXWn8nWqXAZTjPbgTvYSulrnb/5lCpFD2+AcB7gSwzsToZgFdiupSxfHqlTlO92zsVpY=
x-amz-request-id: S0ZG66PY7PEM2MTQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 22:40:58 GMT
age: 2215
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 23:17:53 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         67.227.213.69
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.32
x-redirect-by: WordPress
location: https://mamedov.nl/
content-length: 0
date: Fri, 25 Nov 2022 23:17:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 23:08:53 GMT
cache-control: public,max-age=3600
age: 541
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1990
Cache-Control: max-age=123727
Date: Fri, 25 Nov 2022 23:17:54 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:40:01 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JSxRtC+zmhc96FS9r/O8Ig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.253.170
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0E15OfbG670uXC3wVEjPUPPNlv4=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 23:17:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 23:17:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Tue, 28 Jun 2022 08:15:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12889
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   12889
Md5:    12472e4d8f981d7b0c966d72826a5cdb
Sha1:   967d69a04318dbfb3acfe78e638666bc7ed9cb02
Sha256: 57c324be266eb7661a52f330cf0737775f4b7567b169d8e98bd780ed9bc9b68a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 23:17:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Tue, 15 Nov 2022 22:19:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
                                        
                                            GET /wp-content/uploads/elementor/css/post-8.css?ver=1656411262 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Tue, 28 Jun 2022 10:14:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 460
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1889), with no line terminators
Size:   460
Md5:    75d8eca0f0ee58a487d680b98432767a
Sha1:   adb2fccf37a2f7586dba12b936096389d8eae9f8
Sha256: a9786d03c109b9c50484ba5efb951d8b5e916278573350cbf060e5c5bf04090a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/blocksy/css/global.css?ver=05024 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Tue, 28 Jun 2022 08:30:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1774
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9751), with no line terminators
Size:   1774
Md5:    478cb7ff0bac5c506ab24d0301f9ca6c
Sha1:   b0e5251ad82422f2f40615bdb84db0d94621610d
Sha256: b6752cb6fb7899368842b11ffbc89537f2a58215001074f751762b59c16b84b4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Wed, 02 Nov 2022 10:51:58 GMT
accept-ranges: bytes
content-length: 217
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-35.css?ver=1656408966 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Tue, 28 Jun 2022 09:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 342
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1491), with no line terminators
Size:   342
Md5:    c734ed713bd1861a2a39696bec31bbe0
Sha1:   75777117b49aa4c1c4101c9163c0f816b3b88d9d
Sha256: 3e6128cbe758c92ef7ed8f41262f3cdce245970a384e4c88ce0789abeee0918a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.32
link: <https://mamedov.nl/wp-json/>; rel="https://api.w.org/", <https://mamedov.nl/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://mamedov.nl/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14171)
Size:   12316
Md5:    38fffd0411de259afd26879bf83db9ac
Sha1:   1b2a9693e17d810b2d9a8ad7928ae29faae9316f
Sha256: e6ecd72033b48b8f2bddec08a1ddc5cb1c78cb8fa9c96bbc3114673ce5b044aa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=1.8.38 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Mon, 27 Jun 2022 21:25:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 517
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   517
Md5:    e201422df851d9cfd91e1aa385655767
Sha1:   1834a3df7abba893b27d7add96b5dcf2c362e020
Sha256: 0a3bcce7abd0350bcd030a3025badf3aac642614234d053873450661d37e934d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.38 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Mon, 27 Jun 2022 21:25:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17420
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (895)
Size:   17420
Md5:    eabb70f2b144b48d475a98dccc9127ac
Sha1:   c9ee1f22ac8379951abaa806536872188b5a775b
Sha256: 7460d5bc87742dc67b6e8b89cec48ee304539e36b80587bb0b7c16837fa43cfa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/blocksy/static/bundle/elementor-frontend.min.css?ver=1.8.38 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:54 GMT
last-modified: Mon, 27 Jun 2022 21:25:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 450
date: Fri, 25 Nov 2022 23:17:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   450
Md5:    b18e63aa2d498236bf00ae6858a2a72a
Sha1:   c00213be83cbae255833cbae743dfd6a374b9b58
Sha256: d7a67968e69946d2f72f427abf889d9f0f550345b9db8be7b421227bb0a61662
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Wed, 02 Nov 2022 10:51:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Tue, 28 Jun 2022 08:15:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   2867
Md5:    869caa171b68cbec9fee5abbfb944ee8
Sha1:   f237e485e41f88b77384cfdb880f9d5a8f46eac8
Sha256: 25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Tue, 28 Jun 2022 08:15:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10642
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (37702)
Size:   10642
Md5:    7d9f6cc269abf27b9805042fb8bc70b5
Sha1:   0370b61e4162fe00bc07603437a49ab0a3f31005
Sha256: dc1b7dfbf1113a7e6744b1708f03fea7a2f93a213dceb655e9bca756f4cca80a
                                        
                                            GET /wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.38 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Mon, 27 Jun 2022 21:25:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8627
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32872)
Size:   8627
Md5:    0b7bba1a7930ca8fb2e886ae6b3f94e0
Sha1:   d6ad4b9fd7f6290e1dce4f33eab20744220b343a
Sha256: 130a01bbd1036fc53ceb20c72d12278427e6b78c7bac3f5a52fef04721646db7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.6 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Tue, 28 Jun 2022 08:15:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2442
Md5:    d2db71c82a8f672aea59a3e050cd8cd7
Sha1:   af626566f94b3164e4310288cfb142431e8349a6
Sha256: bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Tue, 28 Jun 2022 08:15:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2049
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4921)
Size:   2049
Md5:    b538fb6a4bf7d3d56ad166122bd43fe0
Sha1:   eb6ca876c092a622f77a8313bdb7e3092bc52b7b
Sha256: f8dd526f64d260d589c9d55f7c0901c3c0578762331b62da4506dff2446590fa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Wed, 02 Nov 2022 10:51:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6800
Md5:    3d0ff0f6731d9cef860af9a5a0e3ce62
Sha1:   13aed444304d782039e261475c8b4450b83e743e
Sha256: e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6 HTTP/1.1 
Host: mamedov.nl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.227.213.69
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 23:17:55 GMT
last-modified: Tue, 28 Jun 2022 08:15:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4448
date: Fri, 25 Nov 2022 23:17:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14238)
Size:   4448
Md5:    5c8e9f1dadbcbdfe99de791286ceba5e
Sha1:   058ed312cdf0051fc50e139a7f67ce8814857c15
Sha256: abc0d9837c5ff928006e039c47938cb700b739832634a458a2d12ed24446e251

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 23:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 23:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 23:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mamedov.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:11:06 GMT
expires: Tue, 21 Nov 2023 21:11:06 GMT
cache-control: public, max-age=31536000
age: 353209
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Size:   35904
Md5:    c26b97e7f5bb7a34d190703522d75e16
Sha1:   69d9e5aea0544dbaf9b78c1b65139c03eceece8f
Sha256: 96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mamedov.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 149704
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 23:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12092
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 23:17:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12092
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 23:17:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12092
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 23:17:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12092
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 23:17:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12092
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Fri, 25 Nov 2022 23:17:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8078
x-amzn-requestid: e199b062-09f2-46b8-a8ee-6d7b782f7359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC7GT2oAMF5XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-485ea8fd3e785be748834efd;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yJdSAEHw1AFVsBFBSX5G6rqED3Kpi_P69vtTrVVE1vFDtl3XMsyJ4g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:31:51 GMT
age: 2765
etag: "bd3027af47f20f4bb9ac36cd9e4493e28e6b041c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8078
Md5:    70fae9ac56bb7676177d4252757f0180
Sha1:   bd3027af47f20f4bb9ac36cd9e4493e28e6b041c
Sha256: 1378749f1b28b6c56b8e76418fc5dd59cf608a4e64c1e1067b4f19df10233afc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc791f23-9e0d-4ffd-991b-9c697774e053.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14128
x-amzn-requestid: ac7d027c-55fe-479d-a5ca-baa09eabebea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUgEEXSIAMFzmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813466-061f1c9c36d007347d0c1302;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VBKkrmELCAhKQjBs5fb1udGUtrFAXF2_ifrzd8lTnmDTkdhO6d7clw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:07:00 GMT
etag: "ab196fcf5ef72cd13d1f8f370039258b963834ba"
age: 4256
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14128
Md5:    e0174b63e0e8e8184799bedd77c7ca5f
Sha1:   ab196fcf5ef72cd13d1f8f370039258b963834ba
Sha256: ffb99678ae74f059a66aaf5097b1c4b659519012f137b40a644ded7a3c524623
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 67152
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 3554
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9914
Md5:    3b1c6878914466cfece680fa7cb73502
Sha1:   47fac81a2dd809df5c42ca1362f71d553572d2b1
Sha256: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6382
x-amzn-requestid: e1e4c180-7f90-4d4b-a5f4-094e5f542a18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLacUFC4oAMFayA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813de8-09efee9d0604d16c61e3d452;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 22:12:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SR2His1pCOwZHi7bBtnG8QeCtZQsCMeJxs-UCpd79SK_77eM5fWeog==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:47 GMT
age: 3609
etag: "3e9004d90ed72f3034eae5cddd476eb50ac63ea6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6382
Md5:    b72976b3f013ace345c85b0bdfea5f76
Sha1:   3e9004d90ed72f3034eae5cddd476eb50ac63ea6
Sha256: 068a487b9ae3d7461ef16e04cee8802a7b76a2bce19bf66df48b2b1cdb0c772c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2944
x-amzn-requestid: 8f1b2573-39ab-442e-8c6e-97538a28aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWXXEjJIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813762-52f27ff536b0c3b84bdfba8e;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:45:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hy8v_azPZzuVRv1VN61DoNWbfA83JPs4JcZfRyLo3j6HCtWv_gkNw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:03:27 GMT
age: 4469
etag: "139f48ea60880efc6d2977f4d3141809f22adfef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2944
Md5:    5c135ab961de12d926b94f9abae8adbe
Sha1:   139f48ea60880efc6d2977f4d3141809f22adfef
Sha256: 1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d
                                        
                                            GET /css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 23:17:54 GMT
date: Fri, 25 Nov 2022 23:17:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Nunito:wght@600&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mamedov.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 23:17:54 GMT
date: Fri, 25 Nov 2022 23:17:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---