Report - anotepad.com/notes/qaixq2hs

Report Overview

Submitted URL
anotepad.com/notes/qaixq2hs
IP
207.244.104.157
ASN
#30633 LEASEWEB-USA-WDC
Submitted
2022-09-20 12:28:42
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.61.225
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.236.232.139
pl16023739.revenuenetworkcpm.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	18 kB	192.243.59.12
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	583 B	707 B	142.251.1.155
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	694 B	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
v1.addthisedge.com	1721	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	463 B	23.38.200.123
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	23.36.77.32
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	497 B	694 B	142.250.74.164
driverpartially.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	14 kB	192.243.59.20
grumblecrytopless.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	8.1 kB	192.243.59.13
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	958 B	172.64.105.16
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	12 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.4 kB	93.184.220.29
cdn.anotepad.com	724042	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	35 kB	143.204.55.18
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	21 kB	142.250.74.174
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	970 B	172.64.132.22
anotepad.com	192286	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	7.2 kB	207.244.104.157
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.0 kB	142.250.74.3
a.pub.network	6324	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	2.0 kB	104.26.0.139
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	967 B	35.158.153.212
z.moatads.com	374	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	1.4 kB	23.38.201.146
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	118 kB	104.17.25.14
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	45 kB	142.250.74.72
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	58 kB	142.250.74.163
s7.addthis.com	1504	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	144 kB	23.38.200.123
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.7 kB	143.204.42.156
m.addthis.com	1448	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	717 B	360 B	23.38.200.123
cdn.sb4you1.com	22321	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	9.7 kB	172.64.200.2
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	12 kB	45.133.44.10
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	1.1 kB	45.133.44.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-20	medium	driverpartially.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js	Phishing
2022-09-20	medium	cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-20	medium	unseenreport.com	Sinkholed
2022-09-20	medium	unseenreport.com	Sinkholed

JavaScript (21)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 02:53:38 Times Seen118687 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NQC99C3	115 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NQC99C3 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 21:42:07 Times Seen1 Hash c961860ba845b3b162c148fe922737f7 95a3f47d5b790e1a405521a04d1789c5f1f562cc f92075644ce7df89c24f96ab40810cd3a7a81ff055aafc6f5443dd82d83a6b60 Loading...

	cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1	19 kB	2023-03-07	2023-03-07
Pretty URL cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1 IP 143.204.55.18 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 23:51:57 Times Seen1 Hash 1412e3592a9fde6d7f419cb94c1e55bc 24d4ae92a25b030c23c103eef3909bd29e6c038e 31a0670506a649405f6027937f2b64043f74622b6216d1130fd87538fde72419 Loading...

	anotepad.com/notes/qaixq2hs	166 B	2023-03-07	2023-03-07
Pretty URL anotepad.com/notes/qaixq2hs IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 21:42:07 Times Seen1 Hash c51a02b82d566e1cb6d2b0707f7b121d 8a82ab7a5b4ad01e3102743c5ebd3f2caac3e2cf fd67ae7c5df2befe93ef961120f757db51c4c34d7c2a500f9267c096a5572a74 Loading...

	s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.5841097078890768&iit=1663676914425&tmr=load%3D1663676913294%26core%3D1663676913312%26main%3D1663676914421%26ifr%3D1663676914427&cb=0&cdn=0&md=0&kw=&ab=-&dh=anotepad.com&dr=&du=https%3A%2F%2Fanotepad.com%2Fnotes%2Fqaixq2hs&href=https%3A%2F%2Fanotepad.com%2Fnotes%2Fqaixq2hs&dt=Advantages%20of%20the%20Storage%20System%20-%20Online%20Notepad&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=en&ogt=&pc=men&pub=ra-56846750fb16a611&ssl=1&sid=6329b1f17279911d&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=0&xld=1&xd=1	72 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.5841097078890768&iit=1663676914425&tmr=load%3D1663676913294%26core%3D1663676913312%26main%3D1663676914421%26ifr%3D1663676914427&cb=0&cdn=0&md=0&kw=&ab=-&dh=anotepad.com&dr=&du=https%3A%2F%2Fanotepad.com%2Fnotes%2Fqaixq2hs&href=https%3A%2F%2Fanotepad.com%2Fnotes%2Fqaixq2hs&dt=Advantages%20of%20the%20Storage%20System%20-%20Online%20Notepad&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=en&ogt=&pc=men&pub=ra-56846750fb16a611&ssl=1&sid=6329b1f17279911d&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=0&xld=1&xd=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-06 01:05:13 Times Seen3063 Hash 7d5b5e32745c7b2e10b41554f0dc4142 2fe0a408b06fb8a44f7c1b54ad4f1b70204584ab 7eae26867a4cf6c29d2fbc4cbf3a222058ba71a9ceb7ff0d6d96c3cfb462cc81 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js	40 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 04:42:11 Times Seen12200 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	anotepad.com/notes/qaixq2hs	83 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/qaixq2hs IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 5b9ba8c7336bc03b70ee825d67293d70 14ce9f2b7ef27b4595ce6d501388cef99ba66867 71625044733d0cbc032c032fa1f5a1ce246dd700a717165fde28dc7cf23f892a Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 08:55:55 Times Seen37058908 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	anotepad.com/notes/qaixq2hs	337 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/qaixq2hs IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 7ed8d094acd4ca41435478d71d181ff3 a8c5a39c74ed6f55d3d160f6fab48ae8ed8d06d6 5daf8f0671a577e7b3e7ed96c134a1cdfd026fa344d72a58722b402d03366068 Loading...

	anotepad.com/notes/qaixq2hs	706 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/qaixq2hs IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 5d7aff84c39145baf56b3b1623a9996f 95424fdc21c6e3fe19a059d35fb23868b809a46e 0f2ddc50af3d0990a3d4596b8f99d8d1ceb3d1a3f35cecc3b39c387c56fea05d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	m.addthis.com/live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070	89 B	2023-03-07	2023-03-07
Pretty URL m.addthis.com/live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070 IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 21:42:07 Times Seen1 Hash cb3fe27562c8b1c83999e7a153b5a76a 4744227fd9c433df06825c0cc0aa9be91e8f7f8a 5d20ffac9fb36a55555ea07995fd54ec6b12e7ff1354cc2d8bc4478d7ff71460 Loading...

	http:blank	659 B	2023-03-07	2023-03-17
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 75fc8e1b2ede9448b2e6ecdf2e824bc7 2d61bc3c87171fc848fe1a87c51afd3c6e97100c 82079cb7930624716fcb67c1a72e879a06d62f6076a4b45aff70d16996d8e43e Loading...

	cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js	254 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:34 Last Seen2024-04-25 08:16:35 Times Seen6557 Hash c15b1008dec3c8967ea657a7bb4baaec 78489e580adaef931e6e5b131dab556c397e4a1a 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Loading...

	www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c	215 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 21:42:07 Times Seen1 Hash 3d5e589b045ffb276cc0ce3629e9b860 6ff3b3465cf75760c94aff0b7e0b3f049592ebf5 23f7f40472e15220d1aada76c672c32d5a24216c501174d634b99cd3fd4e168a Loading...

	pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js	54 kB	2023-03-07	2023-03-07
Pretty URL pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 21:42:07 Times Seen1 Hash 3aabacd3646574751cc43af96a9485a1 9edcb3d79a0d2ed7b4f80d0d0a97096413a3f935 2712513c731ffba4e04584eab12b077ea081407c136a304d8b60ce6103fbb782 Loading...

	z.moatads.com/addthismoatframe568911941483/moatframe.js	1.7 kB	2023-03-07	2023-11-01
Pretty URL z.moatads.com/addthismoatframe568911941483/moatframe.js IP 23.38.201.146 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-01 14:42:28 Times Seen4278 Hash dd1a19cb8d13e4571d2b293c0a0d2ccf 18070dd5c894930a8aef7117bf8d49bd4922a723 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Loading...

	driverpartially.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js	37 kB	2023-03-07	2023-03-07
Pretty URL driverpartially.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 21:42:07 Times Seen1 Hash afd19671e509454073f0c2e157fe5339 94184a8ef8637fd63cde2fa730f19c8384066e8a b002d39b48c2f0509e6424b9430f93525ae59bbf7c1faa2f74edeb050fb61691 Loading...

	v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp	166 B	2023-03-07	2023-05-05
Pretty URL v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:22 Last Seen2023-05-05 09:27:43 Times Seen156 Hash ce1e291468dd80d09650c7b039de0f29 940e37be1fa48f3664d60f4585e5b738eff25f06 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 449bf5704205ea90d9021bf85b4300cd	11 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3353 Hash 449bf5704205ea90d9021bf85b4300cd a8401782462f9e0afe2435dea38cb79ac66d83af 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16 Loading...

	#2 Eval - 062687690045026856f53e20000732e7	8 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3365 Hash 062687690045026856f53e20000732e7 907a784295139ac62a25fed0fe9636c8a3a5b3af 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f Loading...

HTTP Transactions (96)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 12:01:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E53REy4B8EkOoakem_LB_vF-CCd4CleoacoqzwZQC0aSmfbAdS-3dw==
Age: 1599

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8408
Expires: Tue, 20 Sep 2022 14:48:39 GMT
Date: Tue, 20 Sep 2022 12:28:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8f443xY-x7ylvf0OX7BooODEtGrF0K2uG-kkTZk7nIxOfeuHCdemyg==
age: 28398
X-Firefox-Spdy: h2

anotepad.com/notes/qaixq2hs

207.244.104.157

301 Moved Permanently

158 B

URL HTTP/1.1
anotepad.com/notes/qaixq2hs
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
158 B (158 bytes)
Hash
c056e42f7d24f00e25f7747a20d9b1de
28dacf85dc772717772984c77f6f43aefa87dd3f
0973b6a053c2b6a48aba22ac5cbda34da7dd87a0db5b225dfd99110fe241ec9b

HTTP Headers

GET /notes/qaixq2hs HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://anotepad.com/notes/qaixq2hs
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 20 Sep 2022 12:28:32 GMT
Content-Length: 158

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 12:28:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 20 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 20 Sep 2022 12:55:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iqQawW9qUnFGCAT46ApzKcPj24ZvAQOstndkAcGsHALX2GYTkfp3IA==
Age: 1510

anotepad.com/notes/qaixq2hs

207.244.104.157

200 OK

6.0 kB

URL HTTP/1.1
anotepad.com/notes/qaixq2hs
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2895), with CRLF, LF line terminators
Size
6.0 kB (5997 bytes)
Hash
1b336eb508546194aea54898a0f58a3d
a4abd60680426c8d16aeabac9c5038f708171547
ff38ec1561081150fd1cb86703d0ccd577a1d4cf24bcca6fe9cb8bd783c0e8f9

HTTP Headers

GET /notes/qaixq2hs HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 20 Sep 2022 12:28:32 GMT
Content-Length: 5997

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6540
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 10:39:32 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css

104.17.25.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65369)
Size
16 kB (16120 bytes)
Hash
d3a47d1d66fc94ed3f89d9e77cd1a122
92b01371dd02a4157abb9cfdfb6c63b9c7a4eee9
3b1897163caeb1738a1bc8d6ec7db9b903b3fc21d91b586714e19fedd46a3d5d

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: text/css; charset=utf-8
content-length: 16120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1da71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1018138
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlVihF%2FFk14T%2B05%2F9iyKk3hnjQz5Q9yBnXh6m3d%2BWa0KIZaYoIgFh7tvVgySiIOxiqh2N9gRguLAvKwSMTfTQUZBvc4us9hW7AtFnjz39VybLUy9Y%2BuZiA4FuQbnUpG2jmWsv0W1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf0b990af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js

104.17.25.14

200 OK

9.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (39553)
Size
9.7 kB (9687 bytes)
Hash
6a83a42b86273faf5b5636e7ca26e596
a4fa1db5a05a11de643326e1041f4540f1ca8bc5
e08073d20d6668bc5a0a676b2c51ad8fb5f4293de4f85e71d14dda246f69c12e

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 9687
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-9b00"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66638
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5jxpRt%2BMO3IyRDdcnCYnkBaHNvRr4j28B8gvKLSD5%2F6Za3YNWvv6CwIbqRYAho8NKthlgcc00jqslQyN%2F6lsrA3CIv13xHq%2BH9KGuxpZcgp0Ywb7giw1Y082hADp8aD9cFKOgKb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf0b9c0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.25.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32077)
Size
30 kB (30360 bytes)
Hash
5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1021066
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJtRcdJlCjfIOED4iK2IZM6Gd2KwHcSQyQzutOzOC%2FQox5DKDM5qtU8scv5YJya4cUrFCE%2BgLj9jhT5TGeyoKud38DTjRlPEIEe5SimSthfGiyji30tL87EPHzKZg8y98KE7I0pW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf2baf0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

104.17.25.14

200 OK

57 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32074)
Size
57 kB (57137 bytes)
Hash
8486da289409cd85cf8b6fd169c721c4
72d46568b1412639c71f218761c4e637773c4bfc
552f8314a7e6f840ab958f4a71ee38b747deb74634ea9797806f38c95b48c3ef

HTTP Headers

GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9117361
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jaO%2FlPTxYposHGtFAOu7fJRMw8MRZrDtZtJ6to2MmuNAc4denMuC8v14EEhW5eu9eG1zZd8yVPuSAhxBtmie7wtg%2BH5E4XrYJ7kQtZYG8FBSxuaMtcXA3tMfDmMXDVivgGMsdQT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf2bac0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
454dea3b87434b94e88a13111cdbfc2e
2bcfa35e79482b8e37cbc9cf1ded738c5e0dd255
d007c1b8be2c4bb6b728f12ea19268a1134f82fb75bf3bc86dae7a3b9d78fb78

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5614
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 10:54:59 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.236.232.139

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.236.232.139:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O1utY7W7PgUBu4myk2C2zQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /EtTCsyyxaEQMcSI7zhx+yQG9wA=

www.googletagmanager.com/gtm.js?id=GTM-NQC99C3

142.250.74.72

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
44 kB (44458 bytes)
Hash
83450e14ffdde5ae33fc2b5596cd979a
0c90c526ba768e8b8df3f4882001b6b52cea521d
303f5b6901e148cee9c95721960f776ec733083ea2ebbf7f229516cf46df7a66

HTTP Headers

GET /gtm.js?id=GTM-NQC99C3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 12:28:32 GMT
expires: Tue, 20 Sep 2022 12:28:32 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 11:21:33 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mwfPpbBvR8eCYeDv-ZheDTDUsfpJsXQLXl6hjt0fW16-VCxMIrnBvA==
Age: 4019

cdn.anotepad.com/images/badge_playstore.png

143.204.55.18

200 OK

3.7 kB

URL HTTP/2
cdn.anotepad.com/images/badge_playstore.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 270 x 80, 8-bit colormap, non-interlaced\012- data
Size
3.7 kB (3709 bytes)
Hash
d4ce4d823f6777f6c4997ad89d50d8fc
3c61260e346bb30109d29009fb90b0625cb1be60
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6

HTTP Headers

GET /images/badge_playstore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3709
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Sun, 18 Sep 2022 18:15:37 GMT
etag: "bf8eda9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1Y_0XEwnI8u87WS1PmdIn2pSyA7k7fn-3if8cE_WY6uvUQGtfAJywA==
age: 151974
X-Firefox-Spdy: h2

cdn.anotepad.com/images/badge_applestore.png

143.204.55.18

200 OK

3.1 kB

URL HTTP/2
cdn.anotepad.com/images/badge_applestore.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 239 x 80, 8-bit colormap, non-interlaced\012- data
Size
3.1 kB (3050 bytes)
Hash
4e97ce0a8ea4025ed15e9c19079ca4b6
948efc3776eb186349cf0cec535a82833c56cd6f
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0

HTTP Headers

GET /images/badge_applestore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3050
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Tue, 20 Sep 2022 05:27:36 GMT
cache-control: max-age=604800
etag: "82bdb9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wLaRXYf3A7I8VjGg-y1UHq_6ayMd6aZXd5Cd6ytFG_X__ukWFsSZuQ==
age: 30328
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 11:21:33 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CwFBBX5raqGo5vLIiKfRwK1iiuo_hfo46A8768dOFWXbXn6buHPUdA==
Age: 4019

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 11:20:06 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BfIe8X6ZjqYgoWfXNlZKPLjIPSZKXE5YCleXrCLzQrqc-ubq0DArjQ==
Age: 4107

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 10:56:06 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GMRhP4YXeHnrFaWVqy0eTyzQLD8ylO314tHz2i9z-hi3ASLIFFghAA==
Age: 5546

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.anotepad.com/Images/icons/icon_language_light.png

143.204.55.18

200 OK

2.8 kB

URL HTTP/2
cdn.anotepad.com/Images/icons/icon_language_light.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2752 bytes)
Hash
41246beeea403683c91ce0c8f754bd8c
d89c21eb936491b8ba00b09fd9351813643961cd
84d8eb6af559cc3d679dcbbdc021f2bcd43b699edaf99c7443b0e30c1e65e205

HTTP Headers

GET /Images/icons/icon_language_light.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2752
last-modified: Thu, 16 Dec 2021 08:59:54 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Tue, 20 Sep 2022 01:53:17 GMT
etag: "061b44a5bf2d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o0mleS4z7V1KYx3Y5_ABY_VFxKcvRKOz1WArYr1NpwHU_O53WkiqIw==
age: 38116
X-Firefox-Spdy: h2

cdn.anotepad.com/Images/icon_sprites.png?v1

143.204.55.18

200 OK

15 kB

URL HTTP/2
cdn.anotepad.com/Images/icon_sprites.png?v1
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1824 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14982 bytes)
Hash
f32de01b6b72a3232f70853b25b9ca75
f97632426ea1e1c9b8031cd67e4c903d3cf94661
f01231a50ecc9c14b80f5f743ed5aeeec39f27867fb70b9b8e79f836f4af078f

HTTP Headers

GET /Images/icon_sprites.png?v1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 14982
last-modified: Sat, 13 Nov 2021 20:56:42 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Thu, 15 Sep 2022 03:33:48 GMT
etag: "47835cf6d0d8d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JVQcjcHJbG7KQeR2RLL0yxIQn48quEiBxdog-mxjx8O72cACQKrEvA==
age: 464088
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:10:21 GMT
expires: Wed, 13 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 587891
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

anotepad.com/note/loadcomment

207.244.104.157

200 OK

360 B

URL HTTP/1.1
anotepad.com/note/loadcomment
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
ASCII text, with CRLF line terminators
Size
360 B (360 bytes)
Hash
69e62c5f90ce8a3578aae9ea26cb5221
d53f0f16cc1878e6065ef412c63df58e39d47b3a
f185010745652a05abd30200b26d0203cd9b2604646f7f585f9977fcdd214402

HTTP Headers

POST /note/loadcomment HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/notes/qaixq2hs
Cookie: _ga_6PG3MM86KX=GS1.1.1663676912.1.0.1663676912.0.0.0; _ga=GA1.1.1837355166.1663676913
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 20 Sep 2022 12:28:33 GMT
Content-Length: 360

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
922cf4ad8c18953ba1ce936c7d69fb6c
a7ff29682c9be9e02f08e6ed6809fa85635fdfc8
15a3b7e169f061e8e09c18f7c8fa40e3cd1d735844514d6b47e484a551e9dc83

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15A3B7E169F061E8E09C18F7C8FA40E3CD1D735844514D6B47E484A551E9DC83"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2253
Expires: Tue, 20 Sep 2022 13:06:06 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

cdn.anotepad.com/favicon-16x16.png

143.204.55.18

200 OK

827 B

URL HTTP/2
cdn.anotepad.com/favicon-16x16.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
827 B (827 bytes)
Hash
0469e563461e628f5c7ac9fba30e3134
ce38ece54cf70a32de17b05f2d29f17d95ff5891
25f14abbbf54617b6dc3438702bc5453a81bc841acf24600c40d06b5cdcc3629

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: _ga_6PG3MM86KX=GS1.1.1663676912.1.0.1663676912.0.0.0; _ga=GA1.1.1837355166.1663676913
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 827
last-modified: Sat, 13 Feb 2021 22:46:18 GMT
accept-ranges: bytes
etag: "693427b5a2d71:0"
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Tue, 20 Sep 2022 02:32:21 GMT
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3UTYkRngKFs75nNo7gRBlKIfebmP-_uv0yDwhuoAKaNSiwpVqTknOw==
age: 35773
X-Firefox-Spdy: h2

s7.addthis.com/js/300/addthis_widget.js

23.38.200.123

200 OK

116 kB

URL HTTP/2
s7.addthis.com/js/300/addthis_widget.js
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (54602)
Size
116 kB (116360 bytes)
Hash
b87cd33d44e99d7bb4fa59f97915a154
429b6461bab5189d6987d39713c3405223c461b8
9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2

HTTP Headers

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116360
date: Tue, 20 Sep 2022 12:28:33 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 20 Sep 2022 10:41:12 GMT
expires: Tue, 20 Sep 2022 12:41:12 GMT
cache-control: public, max-age=7200
age: 6441
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js

192.243.59.12

200 OK

17 kB

URL HTTP/1.1
pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (53726), with no line terminators
Size
17 kB (17161 bytes)
Hash
ceaee3f35d86c8b3828d936ff35d4564
91867b173dd9ce6fcdf8aeee04a54b371a2e4f7a
242379ac2b1314c871f083462ee25aea2a6a96fc1e4035fe4b3bda82cf263cf4

HTTP Headers

GET /a1/38/54/a1385457843ed7b58df9deca74af31e9.js HTTP/1.1
Host: pl16023739.revenuenetworkcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abffd98fcfbc07ec1ca924891ec01d0f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

z.moatads.com/addthismoatframe568911941483/moatframe.js

23.38.201.146

200 OK

948 B

URL HTTP/2
z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
23.38.201.146:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (523)
Size
948 B (948 bytes)
Hash
f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac

HTTP Headers

GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=48107
date: Tue, 20 Sep 2022 12:28:33 GMT
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
737cc6f4b8c7d91c15f348a27d8322ec
5b99cbda2ec6f3ff0b8b9115bd8ba096db9ce4f1
685c08333c217cd90d1742bc7d1ab85801ed350e4f5189e575dac285156128eb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "685C08333C217CD90D1742BC7D1AB85801ED350E4F5189E575DAC285156128EB"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Tue, 20 Sep 2022 17:40:39 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1

143.204.55.18

200 OK

4.1 kB

URL HTTP/2
cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (22685), with no line terminators
Size
4.1 kB (4096 bytes)
Hash
013880857c79e40b2d50ce6eb14640f5
bd4b88bb233c62210a9e6c48a2ec6e4778a2bb9d
6f14b5a40479288d88ba947f38cf2326747df8842680941bf3e4e76e08cd6890

HTTP Headers

GET /bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
cache-control: public
expires: Thu, 14 Sep 2023 06:10:50 GMT
last-modified: Wed, 14 Sep 2022 06:10:50 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 14 Sep 2022 06:10:49 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UqkJcF9nup38V-LZK8NCeEjfINy1BR6_7prBLKG9Ex98LXK_0AvgnQ==
age: 541065
X-Firefox-Spdy: h2

a.pub.network/core/pubfig/cls.css

104.26.0.139

200 OK

868 B

URL HTTP/2
a.pub.network/core/pubfig/cls.css
IP
104.26.0.139:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
868 B (868 bytes)
Hash
5e5e78864c7f702af64d939bdf7cc21e
03a6569ce86394eb431794fc361cea399c3ca8cb
38d17eef83f316bcd4e98287348ea56a95837f2909037a72154b88a595accd80

HTTP Headers

GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: text/css
x-guploader-uploadid: ADPycdsfb1X_bdqbacxhvm2M-KKFPDAJ8Ikhnp0awjHu8l_xMfSyd8CupT3fAlJC3Hs6wcahdoyyHLmokshBBugXqCnOyG1Xm-5K
x-goog-generation: 1620765108454625
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1752
x-goog-hash: crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Tue, 20 Sep 2022 13:21:08 GMT
cache-control: public, max-age=3600
last-modified: Tue, 11 May 2021 20:31:48 GMT
etag: W/"2ad42c99ece77b46e5a42a85207a3750"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67jiwEV%2F5lCMOer1vczEt6OKscT2MKRto8aTRtDfwoXF04U4Bx01qEfU57hVXeuTL%2B%2BBuM1sh1XcwyrjqOPlKI2pwfpljt1G7hmCaQpISO0ihcruXLDjlq7PcjwUX7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fbf8f5ffabc-OSL
content-encoding: br
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&gjid=974338255&_gid=184347904.1663676913&_u=YADAAEAAAAAAAC~&z=1330086389

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&gjid=974338255&_gid=184347904.1663676913&_u=YADAAEAAAAAAAC~&z=1330086389
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&gjid=974338255&_gid=184347904.1663676913&_u=YADAAEAAAAAAAC~&z=1330086389 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://anotepad.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Sep 2022 12:28:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
737cc6f4b8c7d91c15f348a27d8322ec
5b99cbda2ec6f3ff0b8b9115bd8ba096db9ce4f1
685c08333c217cd90d1742bc7d1ab85801ed350e4f5189e575dac285156128eb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "685C08333C217CD90D1742BC7D1AB85801ED350E4F5189E575DAC285156128EB"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Tue, 20 Sep 2022 17:40:39 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

cdn.anotepad.com/images/anotepad.svg

143.204.55.18

200 OK

1.3 kB

URL HTTP/2
cdn.anotepad.com/images/anotepad.svg
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
data
Size
1.3 kB (1315 bytes)
Hash
ee7e67e9bb2e9c9744b57d0185abee68
48f862617a6d80126659746ec9870acea47003ad
943c564e401377f13964cc4b44dfd896a2fc895fc03c415acc380309a90d10ff

HTTP Headers

GET /images/anotepad.svg HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Sat, 13 Feb 2021 21:52:25 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
content-encoding: gzip
cache-control: max-age=604800
date: Wed, 14 Sep 2022 01:42:27 GMT
etag: W/"8fdbe283522d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3ka-Ugu5nbySBwxwuNtq1RZCvNtwHGc_g4EvMI2ikA6769QIIaerfw==
age: 557167
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6d10754a35583416b9c93946ca777ef
6300aae417ae8339c3307c47085b9a9038a3695f
c7666b0c00f878cde486c1d5990a88a763a50ab1e959268ac0abe1be0320fd73

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7666B0C00F878CDE486C1D5990A88A763A50AB1E959268AC0ABE1BE0320FD73"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16455
Expires: Tue, 20 Sep 2022 17:02:48 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:28:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:28:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11832 bytes)
Hash
2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
age: 51530
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9865 bytes)
Hash
1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 51826
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10894 bytes)
Hash
d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 8551
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7358 bytes)
Hash
49ffb7cd4c40b37f5b61c1fd86ee36ec
4188174bf6e595335f784d2bf9c90db57294b2fc
5af29dbb676f5a38288e73e9ca4feada901ccfb06385110ca0a46a4970532d32

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7358
x-amzn-requestid: 88cc5413-2f66-4dc6-b20d-57dd16e77e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugqUHZIoAMFd3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e175-7357c2251f4434bc4686f9ed;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qL0OjiglHkC5171Q2CTvjoOnpkRsGs9I949IDf-PEYOg5S_hiPUpyA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "4188174bf6e595335f784d2bf9c90db57294b2fc"
content-type: image/jpeg
age: 51530
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9873 bytes)
Hash
7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 51529
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9543 bytes)
Hash
30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -VBFetQNkmIiWeJtW5IOheaPLdDHM9iKhiGPzVcA3_KQk7Qha5VrXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:14:25 GMT
age: 51248
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

driverpartially.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js

192.243.59.20

200 OK

13 kB

URL HTTP/1.1
driverpartially.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37125), with no line terminators
Size
13 kB (13405 bytes)
Hash
d425f39ba003b39e2c06e23d93b175f8
df90736a1aac2211075aab7dc4ba35599e2b1a9a
cb14f3b7a027c13151a0545a0c501c0a566e73bf45521bf5a3930a5538fe6934

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js HTTP/1.1
Host: driverpartially.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 20 Sep 2022 12:28:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5c2ee39cb6517fcc71d3083632ed16b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:34 GMT
Last-Modified: Tue, 20 Sep 2022 10:41:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6df30310ab4bd12fd1d6de14fc431cc4
e91defc2ab45d425901a3b800be0870c6a71daf9
6c0fdf8a295320d533a82a1c5019cece54752992aee4fcdfb9957d6f4a736d5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:34 GMT
Last-Modified: Tue, 20 Sep 2022 11:57:01 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U2GKdwUH_o9SyjvifnMlbU8pZmZ9vpqv1H2mvOmqyZBqCNv_9Oh36g==
Age: 1893

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:34 GMT
Last-Modified: Tue, 20 Sep 2022 10:41:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

simplewebanalysis.com/stats

35.158.153.212

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.158.153.212:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d807704cd54b20db975f3970f9f16035
a6333c0e3f213b189a6d7316a44112f6aafbf785
baaea9e843e09860cbb3912f1cd78a33c9424eabee52a232d40c4ee8166d8a38

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
set-cookie: uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; expires=Fri, 17 Sep 2032 12:28:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

23.38.200.123

200 OK

26 kB

URL HTTP/2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size
26 kB (26421 bytes)
Hash
707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051

HTTP Headers

GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 20 Sep 2022 12:28:34 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

35.158.153.212

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.158.153.212:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d807704cd54b20db975f3970f9f16035
a6333c0e3f213b189a6d7316a44112f6aafbf785
baaea9e843e09860cbb3912f1cd78a33c9424eabee52a232d40c4ee8166d8a38

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

35.158.153.212

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.158.153.212:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d807704cd54b20db975f3970f9f16035
a6333c0e3f213b189a6d7316a44112f6aafbf785
baaea9e843e09860cbb3912f1cd78a33c9424eabee52a232d40c4ee8166d8a38

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

m.addthis.com/live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070

23.38.200.123

200 OK

89 B

URL HTTP/2
m.addthis.com/live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
89 B (89 bytes)
Hash
cb3fe27562c8b1c83999e7a153b5a76a
4744227fd9c433df06825c0cc0aa9be91e8f7f8a
5d20ffac9fb36a55555ea07995fd54ec6b12e7ff1354cc2d8bc4478d7ff71460

HTTP Headers

GET /live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Tue, 20 Sep 2022 12:28:34 GMT
X-Firefox-Spdy: h2

v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp

23.38.200.123

200 OK

154 B

URL HTTP/2
v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0

HTTP Headers

GET /live/boost/ra-56846750fb16a611/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=60, s-maxage=86400
date: Tue, 20 Sep 2022 12:28:34 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3560fd0459a75cf29346caa46f7e84a1
f4ddcaf667912056478156ea67a9c16cfdacc0b0
f2f4b9cb192aba52569b22fa34a39420113c1ae958b17b6b59652182ffa10eed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2F4B9CB192ABA52569B22FA34A39420113C1AE958B17B6B59652182FFA10EED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1629
Expires: Tue, 20 Sep 2022 12:55:44 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3560fd0459a75cf29346caa46f7e84a1
f4ddcaf667912056478156ea67a9c16cfdacc0b0
f2f4b9cb192aba52569b22fa34a39420113c1ae958b17b6b59652182ffa10eed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2F4B9CB192ABA52569B22FA34A39420113C1AE958B17B6B59652182FFA10EED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1629
Expires: Tue, 20 Sep 2022 12:55:44 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0b33c37d8278a7978305e81d40f0b720
bf93c7b9790150d483f02136a7720cc029bea4bb
d6eeac717014b10223e7a13cd15a184d11302a42a8398eb5c57f0eee77ca7346

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6EEAC717014B10223E7A13CD15A184D11302A42A8398EB5C57F0EEE77CA7346"
Last-Modified: Mon, 19 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1089
Expires: Tue, 20 Sep 2022 12:46:44 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab341810beccae081f978e95de0a74bf
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12

192.243.61.225

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e065782b7f2d1561cc415bb23f2804e5
Strict-Transport-Security: max-age=0; includeSubdomains

grumblecrytopless.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=a4522509-c2d9-4359-9046-f1d640b678aa%3A1%3A1

192.243.59.13

200 OK

4.2 kB

URL HTTP/1.1
grumblecrytopless.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=a4522509-c2d9-4359-9046-f1d640b678aa%3A1%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6117), with no line terminators
Size
4.2 kB (4152 bytes)
Hash
2e65c664814c8cf7309a73ec5777d18f
d72f23f58a07f8117ef56435a614a04c5fe61809
9eec6ba30c12b68c5dafeca34e5a8fac8a511dbe0f532a6f67bd3fc214063b95

HTTP Headers

GET /sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=a4522509-c2d9-4359-9046-f1d640b678aa%3A1%3A1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anotepad.com
Access-Control-Allow-Origin: https://anotepad.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15950569; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; expires=Tue, 27 Sep 2022 12:28:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
uncs=1; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]; expires=Tue, 20 Sep 2022 12:28:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10ca6cb0899318693cf1ee62cc1d9d2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e1105390425f83fdb65ce7eb6b827b3
011ad268920717a499b7db9981139547d1d533a9
d838baec01ed3cd9b92c8e8f140504e61ddb531f77b7bec11784853085303637

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D838BAEC01ED3CD9B92C8E8F140504E61DDB531F77B7BEC11784853085303637"
Last-Modified: Tue, 20 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9623
Expires: Tue, 20 Sep 2022 15:08:58 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive

grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3cDv594WgmCoDIHDy6YSXdPT%2Fe0ewjGmCUYd5ddRW9SXVUzqU1NV1PVPT2ZU3BB9uBhBP%2BAzneSDWpc3JMnF5msCJtTxlMOBvboUQJ6lZkNRh8U71V9X8GnvvU%2B3ylOiYuCnqx8oAdSKbrYrLu1Nz%2FxvGu1dZkW%2FVq%2FFX4aBtdqpvd2HNbdq7Xrgm3qRd%2F1XNdzvdqqNKKt%2B4tTETI7iL167NYDv%2B41A%2FTNf%2Fe2cGCpA947JS9B8sncE2ceko2Rdr9fEXYz19lb73ULRXNt0OP7H6WbqS5TdC%2FKtnHQTvfPu6Ht8epj6HRvhgvd%2B6cxkRPi%2FPIYSbp%2FDomktzvjTBREioS%2FiLI3hlBjSDoG0%2Fcg%2BTEBGMeNm0i7D25oU9Kt5yqdqhMy9%2BcZZDkhc7%2FNI%2B0%2BXFayX7ujVZFLnVr02xVkfwzZGSMrDpEPLkGWh2D5Z5CcIO1WkPzkDRo0fb%2FpxgvM5%2FFC0GjGC7EbhAttj4eBm4RRi9KZMVKOIdtjKDEEtQ6K6ZIOiraDInPQ5Sc15nle5HJG3VbMWINHIgm569Go7VHPDVso2JR9iDwbgqkhmNlGZraxKYcwxU%2BwGxUsd2Bzgh6vUAqC0hKUlKCUBGVOUPaqPa6sb6sHXNki8c6zf54b1UjnnR26p%2FOOSMlOdkquzAw7S37HpjipJY2I%2B%2B244QdNNxRJg7c4ixM3aMU8akUtBisrSHtp9syBnJCX%2F3%2BATE7I3P%2B%2BQkIPYdUhmLwEWrwGWo4i3wXdGAUtF4P0gKY6Fxnldaa74LpCls8h33J21Cl5ZcYR%2Bn9BsKOlp8%2BuP5wfPAMzFTJT4a58QtBR90e3dUl2b%2BvSkkc3s1x25YBOP%2FVOTnNx%2BZv3xVapDV9bscOv32FTYVoefChsvk5TLtOOJd8uS86FWdWGCfLjmv1YJLcKu7FcmLTI1m%2B9u7rWzYywVup0DCqP7RdgckJeoHo2ra%2Fe%2FQHSjGGKCt3iiJwHpD4Ey7Zhswt6qy%2FDqIueJHNQFtXI%2BMnFoZIT4p89hRJHS9%2F9gZ%2BvqCFoUsGKf128qHfsfXTM66D5vdmg9kyFnqpA1RC2uDzKM3O09GtjFkiUM0qUcXYTZdSXz%2B218qQWNRouDeOmF0VUREngt9qhxyn1g9APQ9pAbifs6qOzvwEAAP%2F%2FAQAA%2F%2F9m72klfAQAAA%3D%3D

192.243.59.13

200 OK

7 B

URL HTTP/1.1
grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3cDv594WgmCoDIHDy6YSXdPT%2Fe0ewjGmCUYd5ddRW9SXVUzqU1NV1PVPT2ZU3BB9uBhBP%2BAzneSDWpc3JMnF5msCJtTxlMOBvboUQJ6lZkNRh8U71V9X8GnvvU%2B3ylOiYuCnqx8oAdSKbrYrLu1Nz%2FxvGu1dZkW%2FVq%2FFX4aBtdqpvd2HNbdq7Xrgm3qRd%2F1XNdzvdqqNKKt%2B4tTETI7iL167NYDv%2B41A%2FTNf%2Fe2cGCpA947JS9B8sncE2ceko2Rdr9fEXYz19lb73ULRXNt0OP7H6WbqS5TdC%2FKtnHQTvfPu6Ht8epj6HRvhgvd%2B6cxkRPi%2FPIYSbp%2FDomktzvjTBREioS%2FiLI3hlBjSDoG0%2Fcg%2BTEBGMeNm0i7D25oU9Kt5yqdqhMy9%2BcZZDkhc7%2FNI%2B0%2BXFayX7ujVZFLnVr02xVkfwzZGSMrDpEPLkGWh2D5Z5CcIO1WkPzkDRo0fb%2FpxgvM5%2FFC0GjGC7EbhAttj4eBm4RRi9KZMVKOIdtjKDEEtQ6K6ZIOiraDInPQ5Sc15nle5HJG3VbMWINHIgm569Go7VHPDVso2JR9iDwbgqkhmNlGZraxKYcwxU%2BwGxUsd2Bzgh6vUAqC0hKUlKCUBGVOUPaqPa6sb6sHXNki8c6zf54b1UjnnR26p%2FOOSMlOdkquzAw7S37HpjipJY2I%2B%2B244QdNNxRJg7c4ixM3aMU8akUtBisrSHtp9syBnJCX%2F3%2BATE7I3P%2B%2BQkIPYdUhmLwEWrwGWo4i3wXdGAUtF4P0gKY6Fxnldaa74LpCls8h33J21Cl5ZcYR%2Bn9BsKOlp8%2BuP5wfPAMzFTJT4a58QtBR90e3dUl2b%2BvSkkc3s1x25YBOP%2FVOTnNx%2BZv3xVapDV9bscOv32FTYVoefChsvk5TLtOOJd8uS86FWdWGCfLjmv1YJLcKu7FcmLTI1m%2B9u7rWzYywVup0DCqP7RdgckJeoHo2ra%2Fe%2FQHSjGGKCt3iiJwHpD4Ey7Zhswt6qy%2FDqIueJHNQFtXI%2BMnFoZIT4p89hRJHS9%2F9gZ%2BvqCFoUsGKf128qHfsfXTM66D5vdmg9kyFnqpA1RC2uDzKM3O09GtjFkiUM0qUcXYTZdSXz%2B218qQWNRouDeOmF0VUREngt9qhxyn1g9APQ9pAbifs6qOzvwEAAP%2F%2FAQAA%2F%2F9m72klfAQAAA%3D%3D
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3cDv594WgmCoDIHDy6YSXdPT%2Fe0ewjGmCUYd5ddRW9SXVUzqU1NV1PVPT2ZU3BB9uBhBP%2BAzneSDWpc3JMnF5msCJtTxlMOBvboUQJ6lZkNRh8U71V9X8GnvvU%2B3ylOiYuCnqx8oAdSKbrYrLu1Nz%2FxvGu1dZkW%2FVq%2FFX4aBtdqpvd2HNbdq7Xrgm3qRd%2F1XNdzvdqqNKKt%2B4tTETI7iL167NYDv%2B41A%2FTNf%2Fe2cGCpA947JS9B8sncE2ceko2Rdr9fEXYz19lb73ULRXNt0OP7H6WbqS5TdC%2FKtnHQTvfPu6Ht8epj6HRvhgvd%2B6cxkRPi%2FPIYSbp%2FDomktzvjTBREioS%2FiLI3hlBjSDoG0%2Fcg%2BTEBGMeNm0i7D25oU9Kt5yqdqhMy9%2BcZZDkhc7%2FNI%2B0%2BXFayX7ujVZFLnVr02xVkfwzZGSMrDpEPLkGWh2D5Z5CcIO1WkPzkDRo0fb%2FpxgvM5%2FFC0GjGC7EbhAttj4eBm4RRi9KZMVKOIdtjKDEEtQ6K6ZIOiraDInPQ5Sc15nle5HJG3VbMWINHIgm569Go7VHPDVso2JR9iDwbgqkhmNlGZraxKYcwxU%2BwGxUsd2Bzgh6vUAqC0hKUlKCUBGVOUPaqPa6sb6sHXNki8c6zf54b1UjnnR26p%2FOOSMlOdkquzAw7S37HpjipJY2I%2B%2B244QdNNxRJg7c4ixM3aMU8akUtBisrSHtp9syBnJCX%2F3%2BATE7I3P%2B%2BQkIPYdUhmLwEWrwGWo4i3wXdGAUtF4P0gKY6Fxnldaa74LpCls8h33J21Cl5ZcYR%2Bn9BsKOlp8%2BuP5wfPAMzFTJT4a58QtBR90e3dUl2b%2BvSkkc3s1x25YBOP%2FVOTnNx%2BZv3xVapDV9bscOv32FTYVoefChsvk5TLtOOJd8uS86FWdWGCfLjmv1YJLcKu7FcmLTI1m%2B9u7rWzYywVup0DCqP7RdgckJeoHo2ra%2Fe%2FQHSjGGKCt3iiJwHpD4Ey7Zhswt6qy%2FDqIueJHNQFtXI%2BMnFoZIT4p89hRJHS9%2F9gZ%2BvqCFoUsGKf128qHfsfXTM66D5vdmg9kyFnqpA1RC2uDzKM3O09GtjFkiUM0qUcXYTZdSXz%2B218qQWNRouDeOmF0VUREngt9qhxyn1g9APQ9pAbifs6qOzvwEAAP%2F%2FAQAA%2F%2F9m72klfAQAAA%3D%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a9f979c3c8f5ea15e97abf3b63a7cb3
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a72130ae7c499a48ceed4d717ba04279
686cf6c69ee0bc3b20f334e1f40162b0a348ece2
18117375cc72fba620f3e53df7f99a61ab02c4adf834566eb46d63be66f1ca54

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18117375CC72FBA620F3E53DF7F99A61AB02C4ADF834566EB46D63BE66F1CA54"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7308
Expires: Tue, 20 Sep 2022 14:30:23 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a72130ae7c499a48ceed4d717ba04279
686cf6c69ee0bc3b20f334e1f40162b0a348ece2
18117375cc72fba620f3e53df7f99a61ab02c4adf834566eb46d63be66f1ca54

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18117375CC72FBA620F3E53DF7F99A61AB02C4ADF834566EB46D63BE66F1CA54"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7308
Expires: Tue, 20 Sep 2022 14:30:23 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive

grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=187

192.243.59.13

200 OK

0 B

URL HTTP/1.1
grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=187
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=187 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg

172.64.200.2

200 OK

930 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
930 B (930 bytes)
Hash
b52cd36802689df4b494eb105d335c36
5dc306bfef201392c1a9bbcf34bd1a8cff037618
a84b306f72f1076fbab9c8314de0b5e9f653a90151650b3fdf70cf343ae7b1a7

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4155862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FUj5n%2BnkggJzUFiky8q%2FIFxPiBKFrHPO8R%2B7%2FcGWhqL8PcVWnxo7GPa92n6gAYPqrGLbrnPpNfPCrnTJsWJ0DVTP8tRrLBS8OeKfXmlcjI6vgAL7L%2F0SFAGMq7vRo7IWAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fd49de575b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e9645643e1a43d77b51841592522035e
f68948762b7c3e69fab5f71bf690f77b6cd76155
aa340c2215536bc9f307bd8c245f43b792f19dd5ee4b528621054ea8bcac9ca3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA340C2215536BC9F307BD8C245F43B792F19DD5EE4B528621054EA8BCAC9CA3"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19243
Expires: Tue, 20 Sep 2022 17:49:19 GMT
Date: Tue, 20 Sep 2022 12:28:36 GMT
Connection: keep-alive

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css

172.64.200.2

200 OK

1.5 kB

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.5 kB (1482 bytes)
Hash
908dce303e802b45f99455bfa3c26ef2
2f064693d34a6eac3903455fc3de8477c4554e40
60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 10285
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ40yUWdEVMkPI4NSGMXI3RvagykCTRduLEa0hbazuxVjaIwC564gufGVXGb2gOLq50ETZpXLg%2FwAZq%2BURoVXPvvKZinyKxp0C6ZoS5%2BW1eQ8ZhKYmZnxodFwbxT2HM1dMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fd46d9875b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg

45.133.44.10

200 OK

11 kB

URL HTTP/2
cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
11 kB (11151 bytes)
Hash
62eb9d272cfc03bdc42f5abd423d2dcd
8436ae8ad0ac45946b1bf0fe5768cd868cd8c6a2
0a52e8bbbbe749849d27811ef7404a6623f8908ca7d00f902fc927dab7b828a2

HTTP Headers

GET /si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:36 GMT
content-type: image/jpeg
content-length: 11151
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:48:10 GMT
etag: "62d5487a-2b8f"
expires: Thu, 22 Sep 2022 12:28:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html

45.133.44.4

200 OK

746 B

URL HTTP/2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
746 B (746 bytes)
Hash
e50a35b3213e4e8e2f01090c8a73aeed
47f9cbbaa0c6501c987c7ee22570db1b527bb41f
a352f512723c75e0b3e5d97f8026bdf888591ab3dd336421447e36b58b51accc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 20 Sep 2022 13:28:35 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css

172.64.200.2

200 OK

4.8 kB

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.8 kB (4815 bytes)
Hash
21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 110014
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB2nTOcsiLVAqUDFHP0FmkGzyWBZvq0%2FE3lDiKAPIpLOyOjczZXrmWlQkEtIuJMXbvVUWopYNSXbAah3OGhc%2Fn%2Bpo7hmA7ZBmECe8ggZvrkx9HD8cNbMnYc7iim%2B6hE9f7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fd46d9675b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 492868
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 492868
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3cD3694WgmCoDIHDy6YSXdPzy%2F3EIwxSzDuLruK3qR%2B9aQ2NV1NVff0ZE7BBdmDhxH8AzrPJBvUuLgnTy4yWRE2p4ynHAzs0aME9CozG4y%2B0Lxv1%2FMWfOp538938lPiI6cnKx%2BYgdKaLtarfuXNT4LgWmVdJXm%2F0m81Pm1E1yq293a7UfWvVq5LvmkWQz%2Fw%2FcAPKqvKytj0F6ciVHrQDqptvxqF1aAeoW%2F%2F%2B%2B9yD456EL1T8hKUmMw98eah%2BBhJ9%2FsV6TYzk771XjfXNDMWPbH%2FUbKZmCJB96KMrYc42T%2FvhnHHq49hkr0ZLkzvn0amJsT75TFYsn8OCdbbnXEyDZmAiRdR9MaQegxFx%2BDmHpQ4JgAXuHETSffBDWMLuvVcpVN1Qub%2BPIMqJmTut3kk3YfLWvUrd4zOM2USh35cQvXHUJ0x0vwQ2eASVHEInn0GJQiSbgklTt6gUT0M6357gYeivRDV6u2Fth81FuJANCKfNZotSmfGKDWGisfQcgjqPOTTT3nIYw956qErTio8CIKmLzj1W23Oa6IpWUP4AW3GAQ38Rgs5n7IPkaVDcD0Et9tI7TY21RA2%2Fwluo4QTHlxG0BMlCklQOIKCEhSKoMgIil65J7QLXflAaJez4DyH57lWjkzW2aF7JuvIhOykp%2BTKzLAz9js25UmF1ZoijNu1MKr7DclqoiV4m%2FlRqy2arWaLw6kSyl2aPXOgJuTl%2Fx8gVRMy97%2BvwOghnD4EV5dA89dAi1Ez9EE3RlHLxyA5oInJZEpFlZsuhCmRZnPItrwdfUpemXE0wr8g%2BdHS02fXH84PnoHbEqktcVc9Iejo%2B6PbpiC7t03hyKObaaa6akCnQ72T0Uxe%2FuZ9uVUYK9ZW3PDrd%2FhUmJYHH0qXrdNEqKTjyLfLSghpV43lkvy45j6W7FbuNpZzm%2BTp%2Bq13V9e6qZXOKZOMQdWx%2BwJcTcgL1My29dW7P0DZMWxeopsfkfOAMofg6TZcekHvzGVYfdHDUg9FXo5syC4OtZqQ8OwptDxa%2Bu4P%2FHxFD0FZCSf%2FdfGi3nH30bGvg2b3ZovasyV6ugTVQ7j88ihL7dHSr7VZgGlvxLT1dpm2%2Bsvn9jp1Uqn5oslkLJtMRvUollywep35PObTkbc4MjfhVx%2Bd%2FQ0AAP%2F%2FAQAA%2F%2F%2FmO7zNfAQAAA%3D%3D

192.243.59.13

200 OK

7 B

URL HTTP/1.1
grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3cD3694WgmCoDIHDy6YSXdPzy%2F3EIwxSzDuLruK3qR%2B9aQ2NV1NVff0ZE7BBdmDhxH8AzrPJBvUuLgnTy4yWRE2p4ynHAzs0aME9CozG4y%2B0Lxv1%2FMWfOp538938lPiI6cnKx%2BYgdKaLtarfuXNT4LgWmVdJXm%2F0m81Pm1E1yq293a7UfWvVq5LvmkWQz%2Fw%2FcAPKqvKytj0F6ciVHrQDqptvxqF1aAeoW%2F%2F%2B%2B9yD456EL1T8hKUmMw98eah%2BBhJ9%2FsV6TYzk771XjfXNDMWPbH%2FUbKZmCJB96KMrYc42T%2FvhnHHq49hkr0ZLkzvn0amJsT75TFYsn8OCdbbnXEyDZmAiRdR9MaQegxFx%2BDmHpQ4JgAXuHETSffBDWMLuvVcpVN1Qub%2BPIMqJmTut3kk3YfLWvUrd4zOM2USh35cQvXHUJ0x0vwQ2eASVHEInn0GJQiSbgklTt6gUT0M6357gYeivRDV6u2Fth81FuJANCKfNZotSmfGKDWGisfQcgjqPOTTT3nIYw956qErTio8CIKmLzj1W23Oa6IpWUP4AW3GAQ38Rgs5n7IPkaVDcD0Et9tI7TY21RA2%2Fwluo4QTHlxG0BMlCklQOIKCEhSKoMgIil65J7QLXflAaJez4DyH57lWjkzW2aF7JuvIhOykp%2BTKzLAz9js25UmF1ZoijNu1MKr7DclqoiV4m%2FlRqy2arWaLw6kSyl2aPXOgJuTl%2Fx8gVRMy97%2BvwOghnD4EV5dA89dAi1Ez9EE3RlHLxyA5oInJZEpFlZsuhCmRZnPItrwdfUpemXE0wr8g%2BdHS02fXH84PnoHbEqktcVc9Iejo%2B6PbpiC7t03hyKObaaa6akCnQ72T0Uxe%2FuZ9uVUYK9ZW3PDrd%2FhUmJYHH0qXrdNEqKTjyLfLSghpV43lkvy45j6W7FbuNpZzm%2BTp%2Bq13V9e6qZXOKZOMQdWx%2BwJcTcgL1My29dW7P0DZMWxeopsfkfOAMofg6TZcekHvzGVYfdHDUg9FXo5syC4OtZqQ8OwptDxa%2Bu4P%2FHxFD0FZCSf%2FdfGi3nH30bGvg2b3ZovasyV6ugTVQ7j88ihL7dHSr7VZgGlvxLT1dpm2%2Bsvn9jp1Uqn5oslkLJtMRvUollywep35PObTkbc4MjfhVx%2Bd%2FQ0AAP%2F%2FAQAA%2F%2F%2FmO7zNfAQAAA%3D%3D
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3cD3694WgmCoDIHDy6YSXdPzy%2F3EIwxSzDuLruK3qR%2B9aQ2NV1NVff0ZE7BBdmDhxH8AzrPJBvUuLgnTy4yWRE2p4ynHAzs0aME9CozG4y%2B0Lxv1%2FMWfOp538938lPiI6cnKx%2BYgdKaLtarfuXNT4LgWmVdJXm%2F0m81Pm1E1yq293a7UfWvVq5LvmkWQz%2Fw%2FcAPKqvKytj0F6ciVHrQDqptvxqF1aAeoW%2F%2F%2B%2B9yD456EL1T8hKUmMw98eah%2BBhJ9%2FsV6TYzk771XjfXNDMWPbH%2FUbKZmCJB96KMrYc42T%2FvhnHHq49hkr0ZLkzvn0amJsT75TFYsn8OCdbbnXEyDZmAiRdR9MaQegxFx%2BDmHpQ4JgAXuHETSffBDWMLuvVcpVN1Qub%2BPIMqJmTut3kk3YfLWvUrd4zOM2USh35cQvXHUJ0x0vwQ2eASVHEInn0GJQiSbgklTt6gUT0M6357gYeivRDV6u2Fth81FuJANCKfNZotSmfGKDWGisfQcgjqPOTTT3nIYw956qErTio8CIKmLzj1W23Oa6IpWUP4AW3GAQ38Rgs5n7IPkaVDcD0Et9tI7TY21RA2%2Fwluo4QTHlxG0BMlCklQOIKCEhSKoMgIil65J7QLXflAaJez4DyH57lWjkzW2aF7JuvIhOykp%2BTKzLAz9js25UmF1ZoijNu1MKr7DclqoiV4m%2FlRqy2arWaLw6kSyl2aPXOgJuTl%2Fx8gVRMy97%2BvwOghnD4EV5dA89dAi1Ez9EE3RlHLxyA5oInJZEpFlZsuhCmRZnPItrwdfUpemXE0wr8g%2BdHS02fXH84PnoHbEqktcVc9Iejo%2B6PbpiC7t03hyKObaaa6akCnQ72T0Uxe%2FuZ9uVUYK9ZW3PDrd%2FhUmJYHH0qXrdNEqKTjyLfLSghpV43lkvy45j6W7FbuNpZzm%2BTp%2Bq13V9e6qZXOKZOMQdWx%2BwJcTcgL1My29dW7P0DZMWxeopsfkfOAMofg6TZcekHvzGVYfdHDUg9FXo5syC4OtZqQ8OwptDxa%2Bu4P%2FHxFD0FZCSf%2FdfGi3nH30bGvg2b3ZovasyV6ugTVQ7j88ihL7dHSr7VZgGlvxLT1dpm2%2Bsvn9jp1Uqn5oslkLJtMRvUollywep35PObTkbc4MjfhVx%2Bd%2FQ0AAP%2F%2FAQAA%2F%2F%2FmO7zNfAQAAA%3D%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38cd665bcac21eeb099d868d9905ade1
Strict-Transport-Security: max-age=0; includeSubdomains

grumblecrytopless.com/pixel/sbs?c=1

192.243.59.13

200 OK

0 B

URL HTTP/1.1
grumblecrytopless.com/pixel/sbs?c=1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:36 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

addresseepaper.com/sfp.js

172.64.132.22

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.132.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 1632acf398258db24b2ad627eb73a201
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 20 Sep 2022 12:28:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT9nhQQh1Ch7An2EgFLfsnYOEjxvLJz1ZIj20JPY3QGWwrrf%2F%2F570lRrGKY08YBYmX%2B%2B57HRwGtcKxmq88KZ4O4kzxCt%2FA6%2FlOMxmh1eOO%2F3K3DvxrdP%2BcBZa0XCKpQ%2Bb3RAGJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fc5092688ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

172.64.105.16

200 OK

0 B

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.105.16:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c7c425c1f08f7c4d539b9ce88c8dd0c1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 20 Sep 2022 12:28:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tn5TB%2Fz36V6HRKn3QQ0or33ot2kW%2FrIMWknkEk6ExXEaohWJqZZCPfyxC2a0RVKJTnTolx3DOgPnpNGsxN7LyV6vnqfw25Zeu4e99pWs1iz61PDf1JI9YdROf8CKLGg8J%2F9FiPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fca6b1974d9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1

143.204.55.18

200 OK

0 B

URL HTTP/2
cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Thu, 14 Sep 2023 06:10:39 GMT
last-modified: Wed, 14 Sep 2022 06:10:39 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 14 Sep 2022 06:10:38 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5kCQyY4TxBuvwoq-wxh5KY5pD_FSydGsOItWNjBQKSNnkO1HqIGUIA==
age: 541076
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato:wght@700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Lato:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 12:28:32 GMT
date: Tue, 20 Sep 2022 12:28:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP