Overview

URL: jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAxhJ9U=&cnv_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&campaign=647725
IP: 104.21.46.108
ASN: CLOUDFLARENET
Location
Report completed: 2022-09-18 15:12:40 UTC
urlquery Alerts No alerts detected


Settings

UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-18 2 fatededers.com Sinkholed
2022-09-18 2 fatededers.com Sinkholed
2022-09-18 2 fatededers.com Sinkholed
2022-09-18 2 fatededers.com Sinkholed
2022-09-18 2 fatededers.com Sinkholed
2022-09-18 2 fatededers.com Sinkholed


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS jammennaps.com (6) 0 2022-09-07 13:01:15 UTC 2022-09-18 14:08:10 UTC 172.67.138.56 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-18 06:05:25 UTC 143.204.55.25
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-18 04:48:15 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-18 04:51:37 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-18 12:17:51 UTC 142.250.74.10
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-18 11:46:24 UTC 93.184.220.29
mnemonic passive DNS tartator.com (4) 0 2022-05-09 13:49:00 UTC 2022-09-18 11:35:48 UTC 178.162.196.156 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-18 06:05:26 UTC 35.165.143.157
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-18 05:00:37 UTC 23.36.77.32
mnemonic passive DNS cdnjs.cloudflare.com (3) 235 2020-10-20 10:17:36 UTC 2022-09-18 11:52:05 UTC 104.17.25.14
mnemonic passive DNS zerossl.ocsp.sectigo.com (2) 4049 2020-05-09 19:05:29 UTC 2022-09-18 06:43:16 UTC 104.18.32.68
mnemonic passive DNS translate.google.com (1) 1156 2012-05-30 01:30:32 UTC 2022-09-18 07:05:12 UTC 142.250.74.46
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-18 12:39:06 UTC 143.204.55.35
mnemonic passive DNS fatededers.com (6) 0 2022-07-05 09:19:50 UTC 2022-09-14 00:53:00 UTC 54.164.227.218 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-18 04:47:09 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-18 04:20:51 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 104.21.46.108

Date UQ / IDS / BL URL IP
2022-10-26 21:12:00 +0000
0 - 0 - 1 izjec2.jammennaps.com/land?c=DHU7EXg3rvaMPk2k (...) 104.21.46.108
2022-09-18 15:12:40 +0000
0 - 0 - 6 jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAx (...) 104.21.46.108

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-29 00:43:30 +0000
0 - 0 - 2 flinisprewinclamkid.tk/bpegstar/mel/index.php 104.21.17.85
2022-11-29 00:42:27 +0000
0 - 0 - 1 cdn.discordapp.com/attachments/91751922024855 (...) 162.159.133.233
2022-11-29 00:41:56 +0000
1 - 0 - 1 steamconnmuity.com/profiles/76561197960289972 104.21.25.117
2022-11-29 00:42:02 +0000
0 - 0 - 0 rxbkkdj.in/o75mzu 172.67.186.150
2022-11-29 00:38:28 +0000
0 - 0 - 17 vk.sv/ISfxSu 172.67.171.70

Last 2 reports on domain: jammennaps.com

Date UQ / IDS / BL URL IP
2022-10-26 21:12:00 +0000
0 - 0 - 1 izjec2.jammennaps.com/land?c=DHU7EXg3rvaMPk2k (...) 104.21.46.108
2022-09-18 15:12:40 +0000
0 - 0 - 6 jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAx (...) 104.21.46.108

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-26 21:12:00 +0000
0 - 0 - 1 izjec2.jammennaps.com/land?c=DHU7EXg3rvaMPk2k (...) 104.21.46.108
2022-09-21 04:40:00 +0000
0 - 0 - 6 myrosticary.com/land?c=LApDwnDcbJHPwouPhdyzv9 (...) 104.21.55.177
2022-09-20 23:20:14 +0000
0 - 0 - 8 guroshied.com/land?c=1hx012d_1v9TdH_aaEe_7Gwe (...) 172.67.221.233
2022-09-07 22:50:55 +0000
0 - 0 - 8 guroshied.com/land?c=1hx012d_1v9TdH_aaEe_7Gwe (...) 172.67.221.233
2022-09-02 07:56:08 +0000
0 - 0 - 8 updates-center.com/land?c=-rhG3YR1wiS5Sq8XyyK (...) 104.21.34.136


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (49)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 15:12:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ticO64JowCKh-uI4PaLjvFIePKJPacJ5EwRZz0zsA2n7qrKSWumTuA==
Age: 15


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2731
Expires: Sun, 18 Sep 2022 15:58:00 GMT
Date: Sun, 18 Sep 2022 15:12:29 GMT
Connection: keep-alive

                                        
                                            GET /land?c=SF6sR9SSZ7-RjR0U8KagBAxhJ9U=&cnv_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&campaign=647725 HTTP/1.1 
Host: jammennaps.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.138.56
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKpS59Cwrw%2BfUX9MLjimghpBR%2BHn4B2P9nrIKIeoRwGiL7MmpbcquBfWXrCD8TX%2B%2Fwtp1R6XzvQHa%2BxRruSFMEM8FVrzZIDme1MZ4cCkLgS%2BIgDsTGiwFyhg%2FJzuiLck0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cb052429f8fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (20260), with CRLF line terminators
Size:   15962
Md5:    23329cdb66f69e2cb602f5926fa7f969
Sha1:   62b83cbb179890e96011b4d0d9bd93dcb69dce6c
Sha256: 333439f293233d698f8b3cf0326a9edc4024415ea3b065767812b151d82a6b64
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -Zt_iA9KG_-7s487h0rXGcyupvhGKv8aiJVtySLUG6N5oa5c6uZcwQ==
age: 42106
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 15:12:29 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jammennaps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 18 Sep 2022 15:12:29 GMT
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1330930
expires: Fri, 08 Sep 2023 15:12:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmrYg9BwjRKI%2B3sGN84MNBBWikICQkrQE%2FacDD3neU2NCiddUbFTyFGuljFXZB2oeIiiuufumOmQ7xps5Gh%2BqQkKns66XTgqAxAMes%2BNxty8Ls9Zk24djkLGNRyFKjnLdDWnYxrn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74cb0526ca861c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1266)
Size:   591
Md5:    414869f16aa77a65b4928a018f7f1abb
Sha1:   cea521f7a2958a50239526ed6b068f0937527653
Sha256: afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
                                        
                                            GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jammennaps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 18 Sep 2022 15:12:29 GMT
content-length: 1399
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-1359"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1457752
expires: Fri, 08 Sep 2023 15:12:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3ShjToqqhgDSdOqtnzsAUNFzcvjCVlk8PDxezbVQNfNkic4Z0sqstUYMhexVzDPB9Ksm%2FJvyFr9XOg3hEMibBQiDLUQOn%2BBsV8VtS0yINAqAhPR12fOZIp6fpjW2i50PUcjjbU2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74cb0526da8f1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (4862)
Size:   1399
Md5:    a08c3702f999b6cbd18c635f8e88421f
Sha1:   2938a9a742af0e1e7de5b58ad293c61d2838014b
Sha256: 3b512cbaa646370f0897e5e1e7cbab220a2382de70f24e994e88ef4f5121a39c
                                        
                                            GET /ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jammennaps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 18 Sep 2022 15:12:29 GMT
content-length: 1541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-c81"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8955319
expires: Fri, 08 Sep 2023 15:12:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SM1NVdTLz7go4HNil6qe3vonWPSdeaxcPHonDZZChljaKECb679dFPPs%2Fdx2kZPOLTbt0mFaUV%2FTDT2kt8i8yk2NEulh67SzOMiXvpvK71jOCDT7pAjG1Wm494QzLie7gWZRlZR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74cb0526ea9b1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3201), with no line terminators
Size:   1541
Md5:    8e09ceb5490863a66cd2e83ca3d7e524
Sha1:   35e3d074516ec70c508d748f7ae01827bc0c28ba
Sha256: cccbb374fd4cb6dcbac9df64456b49cb11530e7bafdac6c6c7e67ff2ed350db9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /custjs_new.js HTTP/1.1 
Host: jammennaps.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAxhJ9U=&cnv_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&campaign=647725

                                         
                                         172.67.138.56
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 22 Apr 2022 10:45:19 GMT
ETag: W/"6262873f-157a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXxoVLFDkT%2BuNbWz5Njz%2FqHdg9%2BP2CdGKHrQO0yy%2FTiSkpZa4twHcHcOljXOfga5WeK0lZQm%2Fq4su4yR6sAOnhBbHfPlPzUNVFRqWsdQ4tvTJuQ%2B%2FeVhm4iUpbhTbK906A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cb05268d23b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (695)
Size:   1590
Md5:    d8e176179eb941e357e851bfd5cf5bcb
Sha1:   e298d110d19ac03b47dd2fc0cdea0b54aa6de1c8
Sha256: ebf9cfbffad5f7f5a2b261313b4f1d13f22fb4aa91da303c8bcb86133522e1f3
                                        
                                            GET /images/41/style.min.css HTTP/1.1 
Host: jammennaps.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAxhJ9U=&cnv_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&campaign=647725

                                         
                                         172.67.138.56
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 12:17:10 GMT
ETag: W/"62f644c6-5cb"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT%2FR3SSzjatOM2BtxkjtCt3mRP2JVWCePZnyxLkTXWtAm0Fu1UD5IicB8FI4h0vRIin5Du%2FX8RfyShpZC8PsAL5IKQSRyKJaVeSDYMfd2MFYmi%2BTsnYuW%2FoquCpH9QGPfw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cb05268be9fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1482)
Size:   654
Md5:    24be203544b872801f526b5245ba85c2
Sha1:   5acb9586576101c8522dbf7d0ceadf9acac3607f
Sha256: 63f10bf6899b20de65be1626550c81091870fcd0672205f3d53aa8b23fbad8b5
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 09:30:28 GMT
Expires: Fri, 23 Sep 2022 09:30:27 GMT
Etag: "80c51326b3e79edceeb5a9a0568b1b0bb574500f"
Cache-Control: max-age=410877,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cb052738540b55-OSL

                                        
                                            GET /images/41/main.min.js HTTP/1.1 
Host: jammennaps.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAxhJ9U=&cnv_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&campaign=647725

                                         
                                         172.67.138.56
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 12:17:10 GMT
ETag: W/"62f644c6-590"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GkOTTzrijhkS02anwYgTDNh4d4RYABHuJGZ6gcpLF0Am2zMoBT7pcSF3vc%2FRgRGCFFoZw%2F99PpLXcnEehHpwVoBjrG2bjcsPD6S1RuHbyjKoCfnKo1WTgJSyc8yLklVaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cb0526c91db4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   525
Md5:    114512749f87d3f2e5fc84101a695848
Sha1:   d030c4f11023cc517f74221d336a844b9665beb4
Sha256: cb4acd0ae352c75972e5aba531ad8644691cc96d2a911905d0b954b3fbf409db
                                        
                                            GET /translate_a/element.js?cb=TranslateInit HTTP/1.1 
Host: translate.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jammennaps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.46
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 15:12:29 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+711; expires=Tue, 17-Sep-2024 15:12:29 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   27171
Md5:    e5bf66aec013e871da5c9059eff879aa
Sha1:   9f531dc4dad80cf9d32a2fc500a9c3d72c5407c5
Sha256: 89beb0892e093e2494cf3ce219682d5640db5c9eda05b72af4627cbb341458cb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /extjs.js HTTP/1.1 
Host: jammennaps.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAxhJ9U=&cnv_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&campaign=647725

                                         
                                         172.67.138.56
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Sep 2020 15:57:50 GMT
ETag: W/"5f4fc0fe-16464"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orozTXTh%2BX56j7G8j1P8HUlpBB2oybPyNIgKzP4L%2FnEoV2NRWMoohZzkbs5mlStNqMG5KibeiaiF66yLW9wnAIQ%2BLwXKN2aOQT70KZKE7SCq6A68pJ6xU2DrRgQ3P%2F5eZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cb05269a920af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   31773
Md5:    11a98db15f8eabc5eea2782e7514019d
Sha1:   53ca23e5ffee821b765d9db3f9bc9f036547a532
Sha256: 69b47b6ee0175fe05398905d566382f5fee9a642bb6f6ef2ded95594db7e136a
                                        
                                            GET /sdk.js?sid=ab089330-d9eb-4ef3-b2c7-b5e428ce39b8&lid=41 HTTP/1.1 
Host: tartator.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jammennaps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.162.196.156
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.14.1
Date: Sun, 18 Sep 2022 15:12:29 GMT
Content-Length: 46271
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Cache-Status: MISS


--- Additional Info ---
Magic:  ASCII text, with very long lines (46271), with no line terminators
Size:   46271
Md5:    eebc6f65593abaca01046479c3335ddb
Sha1:   bdb72e5dda8212e47011feb00167734439765f3d
Sha256: 4096891bb8827b9333d3372b352bb74ea2c59d50d39917506b68ef1b44d4adf2
                                        
                                            GET /images/41/bg.jpg HTTP/1.1 
Host: jammennaps.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jammennaps.com/land?c=SF6sR9SSZ7-RjR0U8KagBAxhJ9U=&cnv_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&campaign=647725

                                         
                                         172.67.138.56
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Content-Length: 11724
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 12:17:10 GMT
ETag: "62f644c6-2dcc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BPtL4FIV8BSIuU6i2crOHSdfj0Mtulxm7Cp8%2FdYB%2BFBBIolbkH2lPbJgEmD476VjgLIG7LIp0k%2FoIZpiR1R%2FcCUj5om6RbgWIuk2nwz4%2BoU9ZwIVeuDZLV%2Fp1QxE92Niw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cb05280c260af6-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 371x236, components 3\012- data
Size:   11724
Md5:    e343d94f4a4261f1c7a4ad70b3224c45
Sha1:   5b389fa7d43b7f853f5ebc69de548b91d415018c
Sha256: 18e7d9e381beb2aed1efe3a7fafed0d6df4e47533f83b9a074fe3812bfa12454
                                        
                                            POST /hit HTTP/1.1 
Host: tartator.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------12960965131795029423595089307
Content-Length: 714
Origin: http://jammennaps.com
Connection: keep-alive
Referer: http://jammennaps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.162.196.156
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Sun, 18 Sep 2022 15:12:29 GMT
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Set-Cookie: av_sw_hit=1; expires=Mon, 19 Sep 2022 15:12:29 GMT; secure; SameSite=None


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            GET /css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jammennaps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 15:12:29 GMT
date: Sun, 18 Sep 2022 15:12:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1136
Md5:    56388a2609128f2e897f3a5460d1661e
Sha1:   7158191a79b7d2aee4739d0089aee7bd1e0b6d12
Sha256: 8dc285c9fab7685e666fbdc987d976998b6f8cb6e46c3d7441f246a079dfca76
                                        
                                            POST /api/report HTTP/1.1 
Host: tartator.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------324704981625933934481365378650
Content-Length: 503
Origin: http://jammennaps.com
Connection: keep-alive
Referer: http://jammennaps.com/
Cookie: av_sw_hit=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.162.196.156
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.14.1
Date: Sun, 18 Sep 2022 15:12:29 GMT
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            POST / HTTP/1.1 
Host: zerossl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:29 GMT
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 09:30:28 GMT
Expires: Fri, 23 Sep 2022 09:30:27 GMT
Etag: "80c51326b3e79edceeb5a9a0568b1b0bb574500f"
Cache-Control: max-age=410877,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cb0528eada0b55-OSL

                                        
                                            GET /redirect/e?t=4&sid=ab089330-d9eb-4ef3-b2c7-b5e428ce39b8&click_id=147f3575415c9df7ffa3e8df0e847693&placement=8c5b7cbaa2f6df4ad406189441ae89e0&d=1&sub1=&sub2=&sub3=&sub4=&sub5= HTTP/1.1 
Host: tartator.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jammennaps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         178.162.196.156
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx/1.14.1
Date: Sun, 18 Sep 2022 15:12:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Location: https://fatededers.com/click.php?key=ak4q531cp5jyj7q6l1td&click_id=147f3575415c9df7ffa3e8df0e847693&type=TBD&pt=8c5b7cbaa2f6df4ad406189441ae89e0&cid_ext=
X-Cache-Status: MISS

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 18 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 15:03:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 75TU60o_mKVsA_AizWtlrSYejThWGPFN-OVkaBardKvA0baw3_coVA==
Age: 547


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4457
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 15:12:29 GMT
Last-Modified: Sun, 18 Sep 2022 13:58:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7ABADB0E2F4F64473246E9BFB24D0985866FBEC82DB232124D22AD5E7F8CF8EC"
Last-Modified: Sun, 18 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Sun, 18 Sep 2022 21:11:43 GMT
Date: Sun, 18 Sep 2022 15:12:30 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BI+qNiF4H9ZUXm0NX+WJ/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.165.143.157
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x3dIHWw0hFwRrpWj3toaPbiwoAs=

                                        
                                            GET /click.php?key=ak4q531cp5jyj7q6l1td&click_id=147f3575415c9df7ffa3e8df0e847693&type=TBD&pt=8c5b7cbaa2f6df4ad406189441ae89e0&cid_ext= HTTP/1.1 
Host: fatededers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jammennaps.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.164.227.218
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.20.2
Date: Sun, 18 Sep 2022 15:12:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=e8e2bgj2; expires=Mon, 19-Sep-2022 15:12:30 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=e8e2bgj2-e8e2bgj2-twi4-16xs-gmqq-c8fv-c8ik-e2e842; expires=Mon, 19-Sep-2022 15:12:30 GMT; Max-Age=86400; path=/; secure; SameSite=none
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   534
Md5:    3c18b756af4dde4fffcb638f49b47a34
Sha1:   c2a68bab2a2af9b2bee21e6c580167de5c9b9883
Sha256: 26c94120a3ee3d44a9ba91ad8ee321b2cd0409a1e93b7d8f17192e3a06490bc6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landers/artygazzzz_bk_ru_len_2_[sergk]_us/css/style.min.css HTTP/1.1 
Host: fatededers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fatededers.com/click.php?key=ak4q531cp5jyj7q6l1td&click_id=147f3575415c9df7ffa3e8df0e847693&type=TBD&pt=8c5b7cbaa2f6df4ad406189441ae89e0&cid_ext=
Cookie: uclick=e8e2bgj2; uclickhash=e8e2bgj2-e8e2bgj2-twi4-16xs-gmqq-c8fv-c8ik-e2e842
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.164.227.218
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.20.2
Date: Sun, 18 Sep 2022 15:12:30 GMT
Content-Length: 2285
Last-Modified: Thu, 10 Feb 2022 17:16:58 GMT
Connection: keep-alive
ETag: "6205488a-8ed"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (2284)
Size:   2285
Md5:    cd828a3775fdacaf456ebed7d0778730
Sha1:   442dc08eed3e4d67f6d9259049f5834cf02f6f6c
Sha256: fdfa92545f7fecc27d31ed21f3b1a30ef9718a503466ffc39ea6517467d2f133

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fatededers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 456089
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /landers/artygazzzz_bk_ru_len_2_[sergk]_us/js/main.min.js HTTP/1.1 
Host: fatededers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fatededers.com/click.php?key=ak4q531cp5jyj7q6l1td&click_id=147f3575415c9df7ffa3e8df0e847693&type=TBD&pt=8c5b7cbaa2f6df4ad406189441ae89e0&cid_ext=
Cookie: uclick=e8e2bgj2; uclickhash=e8e2bgj2-e8e2bgj2-twi4-16xs-gmqq-c8fv-c8ik-e2e842
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.164.227.218
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.2
Date: Sun, 18 Sep 2022 15:12:30 GMT
Content-Length: 0
Last-Modified: Thu, 10 Feb 2022 17:16:58 GMT
Connection: keep-alive
ETag: "6205488a-0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 15:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landers/artygazzzz_bk_ru_len_2_[sergk]_us/images/image.png HTTP/1.1 
Host: fatededers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fatededers.com/click.php?key=ak4q531cp5jyj7q6l1td&click_id=147f3575415c9df7ffa3e8df0e847693&type=TBD&pt=8c5b7cbaa2f6df4ad406189441ae89e0&cid_ext=
Cookie: uclick=e8e2bgj2; uclickhash=e8e2bgj2-e8e2bgj2-twi4-16xs-gmqq-c8fv-c8ik-e2e842
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.164.227.218
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.20.2
Date: Sun, 18 Sep 2022 15:12:30 GMT
Content-Length: 64015
Last-Modified: Thu, 10 Feb 2022 17:16:58 GMT
Connection: keep-alive
ETag: "6205488a-fa0f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   64015
Md5:    9f0c9a2e604545c2caebcd9d75f2fbe4
Sha1:   46a479455f9a8db336777cc0dcd99a825deaf952
Sha256: 908b94b9569636a318067e5f34187eafaa30d4b31df7f7e6838e86d993007cc2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: fatededers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fatededers.com/click.php?key=ak4q531cp5jyj7q6l1td&click_id=147f3575415c9df7ffa3e8df0e847693&type=TBD&pt=8c5b7cbaa2f6df4ad406189441ae89e0&cid_ext=
Cookie: uclick=e8e2bgj2; uclickhash=e8e2bgj2-e8e2bgj2-twi4-16xs-gmqq-c8fv-c8ik-e2e842
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.164.227.218
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.20.2
Date: Sun, 18 Sep 2022 15:12:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   114
Md5:    c872da7f0a50e2f749f7f67f548a214e
Sha1:   da9c7f5900a38def04bc0c5b6723ca82f48efa57
Sha256: ba92b5ba25874214592410d33ab6c9225814a010ed538aa33982812d589e86a9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /landers/artygazzzz_bk_ru_len_2_[sergk]_us/images/bg.png HTTP/1.1 
Host: fatededers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fatededers.com/landers/artygazzzz_bk_ru_len_2_[sergk]_us/css/style.min.css
Cookie: uclick=e8e2bgj2; uclickhash=e8e2bgj2-e8e2bgj2-twi4-16xs-gmqq-c8fv-c8ik-e2e842
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         54.164.227.218
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.20.2
Date: Sun, 18 Sep 2022 15:12:30 GMT
Content-Length: 259534
Last-Modified: Thu, 10 Feb 2022 17:16:58 GMT
Connection: keep-alive
ETag: "6205488a-3f5ce"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 934 x 537, 8-bit/color RGB, non-interlaced\012- data
Size:   259534
Md5:    c75ec192b763d45b9a72fde5ea838e37
Sha1:   7042ef5e29a6033998e1ddd2d428932c0ddd814c
Sha256: fbbdd52dc2b86be54d0e8104c3c21dc962c22cd0caa599d1cbfec8e88e230fff

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Sun, 18 Sep 2022 16:35:52 GMT
Date: Sun, 18 Sep 2022 15:12:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Sun, 18 Sep 2022 16:35:52 GMT
Date: Sun, 18 Sep 2022 15:12:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Sun, 18 Sep 2022 16:35:52 GMT
Date: Sun, 18 Sep 2022 15:12:31 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 61934
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3tByM8rVW_WxdiBUCfXzxZWjMvH2PB2VQ290D-DLITqly6QQQKBNSw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:13:29 GMT
age: 28742
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5133
Md5:    56ade9172e883c777dd974ca879bceba
Sha1:   b2aaf019e083443a6404c262206ee2e981d3165c
Sha256: c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqzHFWav9sDzwBhF58p314oyYPwfcbmlplVt2oF9QxSBIi5ktgpS7w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:54 GMT
age: 62557
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5448
Md5:    c9a9211e94d6aa2429e9663ef317707e
Sha1:   ac0d1af96508d026f9a1252d358660bd5671f9bd
Sha256: 36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:15:02 GMT
age: 28649
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5827
Md5:    29f4a52fb629dce4ef8038d4df7ea58a
Sha1:   4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
Sha256: 32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4c7A4n-fW5-zEG1OjjUo8zWdY80KTpzwJdfKuDT0OjW5NpkZxxWB-A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:35 GMT
age: 62576
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10554
Md5:    7334a6bdb209350f41e4640960c9ce2a
Sha1:   0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
Sha256: bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: leqr7rYJyeBFlYuFM2D-wGJfb7_w-5HbW2Y1aHwjTzZ9_4MTFybNaA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:08:03 GMT
age: 61468
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6869
Md5:    51d067e534c477ce996b3e806f6a132e
Sha1:   451c1f67948e45909e636828e3d2a3099de922f0
Sha256: e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
                                        
GET /css?family=Open+Sans:regular,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fatededers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 15:12:30 GMT
date: Sun, 18 Sep 2022 15:12:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---