firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 12:01:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E53REy4B8EkOoakem_LB_vF-CCd4CleoacoqzwZQC0aSmfbAdS-3dw==
Age: 1599
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8408
Expires: Tue, 20 Sep 2022 14:48:39 GMT
Date: Tue, 20 Sep 2022 12:28:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8f443xY-x7ylvf0OX7BooODEtGrF0K2uG-kkTZk7nIxOfeuHCdemyg==
age: 28398
X-Firefox-Spdy: h2
anotepad.com/notes/qaixq2hs
207.244.104.157301 Moved Permanently 158 B URL HTTP/1.1 anotepad.com/notes/qaixq2hs
IP 207.244.104.157:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c056e42f7d24f00e25f7747a20d9b1de
28dacf85dc772717772984c77f6f43aefa87dd3f
0973b6a053c2b6a48aba22ac5cbda34da7dd87a0db5b225dfd99110fe241ec9b
GET /notes/qaixq2hs HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://anotepad.com/notes/qaixq2hs
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 20 Sep 2022 12:28:32 GMT
Content-Length: 158
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 12:28:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 20 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 20 Sep 2022 12:55:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iqQawW9qUnFGCAT46ApzKcPj24ZvAQOstndkAcGsHALX2GYTkfp3IA==
Age: 1510
anotepad.com/notes/qaixq2hs
207.244.104.157200 OK 6.0 kB URL HTTP/1.1 anotepad.com/notes/qaixq2hs
IP 207.244.104.157:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2895), with CRLF, LF line terminators
Hash 1b336eb508546194aea54898a0f58a3d
a4abd60680426c8d16aeabac9c5038f708171547
ff38ec1561081150fd1cb86703d0ccd577a1d4cf24bcca6fe9cb8bd783c0e8f9
GET /notes/qaixq2hs HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 20 Sep 2022 12:28:32 GMT
Content-Length: 5997
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6540
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 10:39:32 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
104.17.25.14200 OK 16 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65369)
Hash d3a47d1d66fc94ed3f89d9e77cd1a122
92b01371dd02a4157abb9cfdfb6c63b9c7a4eee9
3b1897163caeb1738a1bc8d6ec7db9b903b3fc21d91b586714e19fedd46a3d5d
GET /ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: text/css; charset=utf-8
content-length: 16120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1da71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1018138
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlVihF%2FFk14T%2B05%2F9iyKk3hnjQz5Q9yBnXh6m3d%2BWa0KIZaYoIgFh7tvVgySiIOxiqh2N9gRguLAvKwSMTfTQUZBvc4us9hW7AtFnjz39VybLUy9Y%2BuZiA4FuQbnUpG2jmWsv0W1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf0b990af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js
104.17.25.14200 OK 9.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (39553)
Hash 6a83a42b86273faf5b5636e7ca26e596
a4fa1db5a05a11de643326e1041f4540f1ca8bc5
e08073d20d6668bc5a0a676b2c51ad8fb5f4293de4f85e71d14dda246f69c12e
GET /ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 9687
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-9b00"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 66638
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5jxpRt%2BMO3IyRDdcnCYnkBaHNvRr4j28B8gvKLSD5%2F6Za3YNWvv6CwIbqRYAho8NKthlgcc00jqslQyN%2F6lsrA3CIv13xHq%2BH9KGuxpZcgp0Ywb7giw1Y082hADp8aD9cFKOgKb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf0b9c0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
104.17.25.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32077)
Hash 5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1021066
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJtRcdJlCjfIOED4iK2IZM6Gd2KwHcSQyQzutOzOC%2FQox5DKDM5qtU8scv5YJya4cUrFCE%2BgLj9jhT5TGeyoKud38DTjRlPEIEe5SimSthfGiyji30tL87EPHzKZg8y98KE7I0pW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf2baf0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
104.17.25.14200 OK 57 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32074)
Hash 8486da289409cd85cf8b6fd169c721c4
72d46568b1412639c71f218761c4e637773c4bfc
552f8314a7e6f840ab958f4a71ee38b747deb74634ea9797806f38c95b48c3ef
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9117361
expires: Sun, 10 Sep 2023 12:28:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jaO%2FlPTxYposHGtFAOu7fJRMw8MRZrDtZtJ6to2MmuNAc4denMuC8v14EEhW5eu9eG1zZd8yVPuSAhxBtmie7wtg%2BH5E4XrYJ7kQtZYG8FBSxuaMtcXA3tMfDmMXDVivgGMsdQT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74da8fbf2bac0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 454dea3b87434b94e88a13111cdbfc2e
2bcfa35e79482b8e37cbc9cf1ded738c5e0dd255
d007c1b8be2c4bb6b728f12ea19268a1134f82fb75bf3bc86dae7a3b9d78fb78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5614
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 10:54:59 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O1utY7W7PgUBu4myk2C2zQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /EtTCsyyxaEQMcSI7zhx+yQG9wA=
www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 83450e14ffdde5ae33fc2b5596cd979a
0c90c526ba768e8b8df3f4882001b6b52cea521d
303f5b6901e148cee9c95721960f776ec733083ea2ebbf7f229516cf46df7a66
GET /gtm.js?id=GTM-NQC99C3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 12:28:32 GMT
expires: Tue, 20 Sep 2022 12:28:32 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 11:21:33 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mwfPpbBvR8eCYeDv-ZheDTDUsfpJsXQLXl6hjt0fW16-VCxMIrnBvA==
Age: 4019
cdn.anotepad.com/images/badge_playstore.png
143.204.55.18200 OK 3.7 kB URL HTTP/2 cdn.anotepad.com/images/badge_playstore.png
IP 143.204.55.18:0
File type PNG image data, 270 x 80, 8-bit colormap, non-interlaced\012- data
Hash d4ce4d823f6777f6c4997ad89d50d8fc
3c61260e346bb30109d29009fb90b0625cb1be60
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6
GET /images/badge_playstore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3709
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Sun, 18 Sep 2022 18:15:37 GMT
etag: "bf8eda9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1Y_0XEwnI8u87WS1PmdIn2pSyA7k7fn-3if8cE_WY6uvUQGtfAJywA==
age: 151974
X-Firefox-Spdy: h2
cdn.anotepad.com/images/badge_applestore.png
143.204.55.18200 OK 3.1 kB URL HTTP/2 cdn.anotepad.com/images/badge_applestore.png
IP 143.204.55.18:0
File type PNG image data, 239 x 80, 8-bit colormap, non-interlaced\012- data
Hash 4e97ce0a8ea4025ed15e9c19079ca4b6
948efc3776eb186349cf0cec535a82833c56cd6f
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0
GET /images/badge_applestore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3050
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Tue, 20 Sep 2022 05:27:36 GMT
cache-control: max-age=604800
etag: "82bdb9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wLaRXYf3A7I8VjGg-y1UHq_6ayMd6aZXd5Cd6ytFG_X__ukWFsSZuQ==
age: 30328
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 11:21:33 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CwFBBX5raqGo5vLIiKfRwK1iiuo_hfo46A8768dOFWXbXn6buHPUdA==
Age: 4019
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 11:20:06 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BfIe8X6ZjqYgoWfXNlZKPLjIPSZKXE5YCleXrCLzQrqc-ubq0DArjQ==
Age: 4107
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash b669f418a60c890e8a53f1f91d4addea
8b40f6280d60b31a2988ee059c9e2454485869dd
b6374c27c6f7c947944c0d38e30b05361a2c4878cfbf68d2747b7da99de3fcb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:32 GMT
Last-Modified: Tue, 20 Sep 2022 10:56:06 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GMRhP4YXeHnrFaWVqy0eTyzQLD8ylO314tHz2i9z-hi3ASLIFFghAA==
Age: 5546
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.anotepad.com/Images/icons/icon_language_light.png
143.204.55.18200 OK 2.8 kB URL HTTP/2 cdn.anotepad.com/Images/icons/icon_language_light.png
IP 143.204.55.18:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 41246beeea403683c91ce0c8f754bd8c
d89c21eb936491b8ba00b09fd9351813643961cd
84d8eb6af559cc3d679dcbbdc021f2bcd43b699edaf99c7443b0e30c1e65e205
GET /Images/icons/icon_language_light.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2752
last-modified: Thu, 16 Dec 2021 08:59:54 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Tue, 20 Sep 2022 01:53:17 GMT
etag: "061b44a5bf2d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o0mleS4z7V1KYx3Y5_ABY_VFxKcvRKOz1WArYr1NpwHU_O53WkiqIw==
age: 38116
X-Firefox-Spdy: h2
cdn.anotepad.com/Images/icon_sprites.png?v1
143.204.55.18200 OK 15 kB URL HTTP/2 cdn.anotepad.com/Images/icon_sprites.png?v1
IP 143.204.55.18:0
File type PNG image data, 1824 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash f32de01b6b72a3232f70853b25b9ca75
f97632426ea1e1c9b8031cd67e4c903d3cf94661
f01231a50ecc9c14b80f5f743ed5aeeec39f27867fb70b9b8e79f836f4af078f
GET /Images/icon_sprites.png?v1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 14982
last-modified: Sat, 13 Nov 2021 20:56:42 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Thu, 15 Sep 2022 03:33:48 GMT
etag: "47835cf6d0d8d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JVQcjcHJbG7KQeR2RLL0yxIQn48quEiBxdog-mxjx8O72cACQKrEvA==
age: 464088
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:10:21 GMT
expires: Wed, 13 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 587891
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
anotepad.com/note/loadcomment
207.244.104.157200 OK 360 B URL HTTP/1.1 anotepad.com/note/loadcomment
IP 207.244.104.157:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with CRLF line terminators
Hash 69e62c5f90ce8a3578aae9ea26cb5221
d53f0f16cc1878e6065ef412c63df58e39d47b3a
f185010745652a05abd30200b26d0203cd9b2604646f7f585f9977fcdd214402
POST /note/loadcomment HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/notes/qaixq2hs
Cookie: _ga_6PG3MM86KX=GS1.1.1663676912.1.0.1663676912.0.0.0; _ga=GA1.1.1837355166.1663676913
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 20 Sep 2022 12:28:33 GMT
Content-Length: 360
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 922cf4ad8c18953ba1ce936c7d69fb6c
a7ff29682c9be9e02f08e6ed6809fa85635fdfc8
15a3b7e169f061e8e09c18f7c8fa40e3cd1d735844514d6b47e484a551e9dc83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15A3B7E169F061E8E09C18F7C8FA40E3CD1D735844514D6B47E484A551E9DC83"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2253
Expires: Tue, 20 Sep 2022 13:06:06 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
cdn.anotepad.com/favicon-16x16.png
143.204.55.18200 OK 827 B URL HTTP/2 cdn.anotepad.com/favicon-16x16.png
IP 143.204.55.18:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 0469e563461e628f5c7ac9fba30e3134
ce38ece54cf70a32de17b05f2d29f17d95ff5891
25f14abbbf54617b6dc3438702bc5453a81bc841acf24600c40d06b5cdcc3629
GET /favicon-16x16.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: _ga_6PG3MM86KX=GS1.1.1663676912.1.0.1663676912.0.0.0; _ga=GA1.1.1837355166.1663676913
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 827
last-modified: Sat, 13 Feb 2021 22:46:18 GMT
accept-ranges: bytes
etag: "693427b5a2d71:0"
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Tue, 20 Sep 2022 02:32:21 GMT
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3UTYkRngKFs75nNo7gRBlKIfebmP-_uv0yDwhuoAKaNSiwpVqTknOw==
age: 35773
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116360 bytes)
Hash b87cd33d44e99d7bb4fa59f97915a154
429b6461bab5189d6987d39713c3405223c461b8
9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116360
date: Tue, 20 Sep 2022 12:28:33 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 20 Sep 2022 10:41:12 GMT
expires: Tue, 20 Sep 2022 12:41:12 GMT
cache-control: public, max-age=7200
age: 6441
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js
192.243.59.12200 OK 17 kB URL HTTP/1.1 pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (53726), with no line terminators
Hash ceaee3f35d86c8b3828d936ff35d4564
91867b173dd9ce6fcdf8aeee04a54b371a2e4f7a
242379ac2b1314c871f083462ee25aea2a6a96fc1e4035fe4b3bda82cf263cf4
GET /a1/38/54/a1385457843ed7b58df9deca74af31e9.js HTTP/1.1
Host: pl16023739.revenuenetworkcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abffd98fcfbc07ec1ca924891ec01d0f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=48107
date: Tue, 20 Sep 2022 12:28:33 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 737cc6f4b8c7d91c15f348a27d8322ec
5b99cbda2ec6f3ff0b8b9115bd8ba096db9ce4f1
685c08333c217cd90d1742bc7d1ab85801ed350e4f5189e575dac285156128eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "685C08333C217CD90D1742BC7D1AB85801ED350E4F5189E575DAC285156128EB"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Tue, 20 Sep 2022 17:40:39 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
143.204.55.18200 OK 4.1 kB URL HTTP/2 cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
IP 143.204.55.18:0
File type ASCII text, with very long lines (22685), with no line terminators
Hash 013880857c79e40b2d50ce6eb14640f5
bd4b88bb233c62210a9e6c48a2ec6e4778a2bb9d
6f14b5a40479288d88ba947f38cf2326747df8842680941bf3e4e76e08cd6890
GET /bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
cache-control: public
expires: Thu, 14 Sep 2023 06:10:50 GMT
last-modified: Wed, 14 Sep 2022 06:10:50 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 14 Sep 2022 06:10:49 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UqkJcF9nup38V-LZK8NCeEjfINy1BR6_7prBLKG9Ex98LXK_0AvgnQ==
age: 541065
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/cls.css
104.26.0.139200 OK 868 B URL HTTP/2 a.pub.network/core/pubfig/cls.css
IP 104.26.0.139:0
Hash 5e5e78864c7f702af64d939bdf7cc21e
03a6569ce86394eb431794fc361cea399c3ca8cb
38d17eef83f316bcd4e98287348ea56a95837f2909037a72154b88a595accd80
GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:32 GMT
content-type: text/css
x-guploader-uploadid: ADPycdsfb1X_bdqbacxhvm2M-KKFPDAJ8Ikhnp0awjHu8l_xMfSyd8CupT3fAlJC3Hs6wcahdoyyHLmokshBBugXqCnOyG1Xm-5K
x-goog-generation: 1620765108454625
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1752
x-goog-hash: crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Tue, 20 Sep 2022 13:21:08 GMT
cache-control: public, max-age=3600
last-modified: Tue, 11 May 2021 20:31:48 GMT
etag: W/"2ad42c99ece77b46e5a42a85207a3750"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67jiwEV%2F5lCMOer1vczEt6OKscT2MKRto8aTRtDfwoXF04U4Bx01qEfU57hVXeuTL%2B%2BBuM1sh1XcwyrjqOPlKI2pwfpljt1G7hmCaQpISO0ihcruXLDjlq7PcjwUX7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fbf8f5ffabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&gjid=974338255&_gid=184347904.1663676913&_u=YADAAEAAAAAAAC~&z=1330086389
142.251.1.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&gjid=974338255&_gid=184347904.1663676913&_u=YADAAEAAAAAAAC~&z=1330086389
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&gjid=974338255&_gid=184347904.1663676913&_u=YADAAEAAAAAAAC~&z=1330086389 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://anotepad.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Sep 2022 12:28:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 737cc6f4b8c7d91c15f348a27d8322ec
5b99cbda2ec6f3ff0b8b9115bd8ba096db9ce4f1
685c08333c217cd90d1742bc7d1ab85801ed350e4f5189e575dac285156128eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "685C08333C217CD90D1742BC7D1AB85801ED350E4F5189E575DAC285156128EB"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18726
Expires: Tue, 20 Sep 2022 17:40:39 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
cdn.anotepad.com/images/anotepad.svg
143.204.55.18200 OK 1.3 kB URL HTTP/2 cdn.anotepad.com/images/anotepad.svg
IP 143.204.55.18:0
Hash ee7e67e9bb2e9c9744b57d0185abee68
48f862617a6d80126659746ec9870acea47003ad
943c564e401377f13964cc4b44dfd896a2fc895fc03c415acc380309a90d10ff
GET /images/anotepad.svg HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Sat, 13 Feb 2021 21:52:25 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
content-encoding: gzip
cache-control: max-age=604800
date: Wed, 14 Sep 2022 01:42:27 GMT
etag: W/"8fdbe283522d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3ka-Ugu5nbySBwxwuNtq1RZCvNtwHGc_g4EvMI2ikA6769QIIaerfw==
age: 557167
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6d10754a35583416b9c93946ca777ef
6300aae417ae8339c3307c47085b9a9038a3695f
c7666b0c00f878cde486c1d5990a88a763a50ab1e959268ac0abe1be0320fd73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7666B0C00F878CDE486C1D5990A88A763A50AB1E959268AC0ABE1BE0320FD73"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16455
Expires: Tue, 20 Sep 2022 17:02:48 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:28:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 12:28:33 GMT
Connection: keep-alive
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=1837355166.1663676913&jid=1546400292&_u=YADAAEAAAAAAAC~&z=217938114 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:28:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
age: 51530
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 51826
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 8551
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49ffb7cd4c40b37f5b61c1fd86ee36ec
4188174bf6e595335f784d2bf9c90db57294b2fc
5af29dbb676f5a38288e73e9ca4feada901ccfb06385110ca0a46a4970532d32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7358
x-amzn-requestid: 88cc5413-2f66-4dc6-b20d-57dd16e77e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugqUHZIoAMFd3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e175-7357c2251f4434bc4686f9ed;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qL0OjiglHkC5171Q2CTvjoOnpkRsGs9I949IDf-PEYOg5S_hiPUpyA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "4188174bf6e595335f784d2bf9c90db57294b2fc"
content-type: image/jpeg
age: 51530
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 51529
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -VBFetQNkmIiWeJtW5IOheaPLdDHM9iKhiGPzVcA3_KQk7Qha5VrXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:14:25 GMT
age: 51248
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
driverpartially.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 driverpartially.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37125), with no line terminators
Hash d425f39ba003b39e2c06e23d93b175f8
df90736a1aac2211075aab7dc4ba35599e2b1a9a
cb14f3b7a027c13151a0545a0c501c0a566e73bf45521bf5a3930a5538fe6934
Analyzer Verdict Alert fortinet Phishing
GET /b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js HTTP/1.1
Host: driverpartially.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 20 Sep 2022 12:28:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5c2ee39cb6517fcc71d3083632ed16b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:34 GMT
Last-Modified: Tue, 20 Sep 2022 10:41:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 6df30310ab4bd12fd1d6de14fc431cc4
e91defc2ab45d425901a3b800be0870c6a71daf9
6c0fdf8a295320d533a82a1c5019cece54752992aee4fcdfb9957d6f4a736d5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 12:28:34 GMT
Last-Modified: Tue, 20 Sep 2022 11:57:01 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U2GKdwUH_o9SyjvifnMlbU8pZmZ9vpqv1H2mvOmqyZBqCNv_9Oh36g==
Age: 1893
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 12:28:34 GMT
Last-Modified: Tue, 20 Sep 2022 10:41:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash d807704cd54b20db975f3970f9f16035
a6333c0e3f213b189a6d7316a44112f6aafbf785
baaea9e843e09860cbb3912f1cd78a33c9424eabee52a232d40c4ee8166d8a38
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
set-cookie: uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; expires=Fri, 17 Sep 2032 12:28:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 20 Sep 2022 12:28:34 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash d807704cd54b20db975f3970f9f16035
a6333c0e3f213b189a6d7316a44112f6aafbf785
baaea9e843e09860cbb3912f1cd78a33c9424eabee52a232d40c4ee8166d8a38
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash d807704cd54b20db975f3970f9f16035
a6333c0e3f213b189a6d7316a44112f6aafbf785
baaea9e843e09860cbb3912f1cd78a33c9424eabee52a232d40c4ee8166d8a38
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash cb3fe27562c8b1c83999e7a153b5a76a
4744227fd9c433df06825c0cc0aa9be91e8f7f8a
5d20ffac9fb36a55555ea07995fd54ec6b12e7ff1354cc2d8bc4478d7ff71460
GET /live/red_lojson/300lo.json?si=6329b1f17279911d&bkl=0&bl=1&pdt=943&sid=6329b1f17279911d&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2Fqaixq2hs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663676914432&jsl=1&uvs=6329b1f1446912ab000&skipb=1&callback=addthis.cbs.jsonp__18509602519732070 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Tue, 20 Sep 2022 12:28:34 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
23.38.200.123200 OK 154 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0
GET /live/boost/ra-56846750fb16a611/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=60, s-maxage=86400
date: Tue, 20 Sep 2022 12:28:34 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3560fd0459a75cf29346caa46f7e84a1
f4ddcaf667912056478156ea67a9c16cfdacc0b0
f2f4b9cb192aba52569b22fa34a39420113c1ae958b17b6b59652182ffa10eed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2F4B9CB192ABA52569B22FA34A39420113C1AE958B17B6B59652182FFA10EED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1629
Expires: Tue, 20 Sep 2022 12:55:44 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3560fd0459a75cf29346caa46f7e84a1
f4ddcaf667912056478156ea67a9c16cfdacc0b0
f2f4b9cb192aba52569b22fa34a39420113c1ae958b17b6b59652182ffa10eed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2F4B9CB192ABA52569B22FA34A39420113C1AE958B17B6B59652182FFA10EED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1629
Expires: Tue, 20 Sep 2022 12:55:44 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b33c37d8278a7978305e81d40f0b720
bf93c7b9790150d483f02136a7720cc029bea4bb
d6eeac717014b10223e7a13cd15a184d11302a42a8398eb5c57f0eee77ca7346
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6EEAC717014B10223E7A13CD15A184D11302A42A8398EB5C57F0EEE77CA7346"
Last-Modified: Mon, 19 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1089
Expires: Tue, 20 Sep 2022 12:46:44 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab341810beccae081f978e95de0a74bf
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a4522509-c2d9-4359-9046-f1d640b678aa&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e065782b7f2d1561cc415bb23f2804e5
Strict-Transport-Security: max-age=0; includeSubdomains
grumblecrytopless.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=a4522509-c2d9-4359-9046-f1d640b678aa%3A1%3A1
192.243.59.13200 OK 4.2 kB URL HTTP/1.1 grumblecrytopless.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=a4522509-c2d9-4359-9046-f1d640b678aa%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6117), with no line terminators
Hash 2e65c664814c8cf7309a73ec5777d18f
d72f23f58a07f8117ef56435a614a04c5fe61809
9eec6ba30c12b68c5dafeca34e5a8fac8a511dbe0f532a6f67bd3fc214063b95
GET /sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=a4522509-c2d9-4359-9046-f1d640b678aa%3A1%3A1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anotepad.com
Access-Control-Allow-Origin: https://anotepad.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15950569; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; expires=Tue, 27 Sep 2022 12:28:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
uncs=1; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 21 Sep 2022 12:28:35 GMT; secure; SameSite=None
slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]; expires=Tue, 20 Sep 2022 12:28:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10ca6cb0899318693cf1ee62cc1d9d2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e1105390425f83fdb65ce7eb6b827b3
011ad268920717a499b7db9981139547d1d533a9
d838baec01ed3cd9b92c8e8f140504e61ddb531f77b7bec11784853085303637
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D838BAEC01ED3CD9B92C8E8F140504E61DDB531F77B7BEC11784853085303637"
Last-Modified: Tue, 20 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9623
Expires: Tue, 20 Sep 2022 15:08:58 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive
grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3cDv594WgmCoDIHDy6YSXdPT%2Fe0ewjGmCUYd5ddRW9SXVUzqU1NV1PVPT2ZU3BB9uBhBP%2BAzneSDWpc3JMnF5msCJtTxlMOBvboUQJ6lZkNRh8U71V9X8GnvvU%2B3ylOiYuCnqx8oAdSKbrYrLu1Nz%2FxvGu1dZkW%2FVq%2FFX4aBtdqpvd2HNbdq7Xrgm3qRd%2F1XNdzvdqqNKKt%2B4tTETI7iL167NYDv%2B41A%2FTNf%2Fe2cGCpA947JS9B8sncE2ceko2Rdr9fEXYz19lb73ULRXNt0OP7H6WbqS5TdC%2FKtnHQTvfPu6Ht8epj6HRvhgvd%2B6cxkRPi%2FPIYSbp%2FDomktzvjTBREioS%2FiLI3hlBjSDoG0%2Fcg%2BTEBGMeNm0i7D25oU9Kt5yqdqhMy9%2BcZZDkhc7%2FNI%2B0%2BXFayX7ujVZFLnVr02xVkfwzZGSMrDpEPLkGWh2D5Z5CcIO1WkPzkDRo0fb%2FpxgvM5%2FFC0GjGC7EbhAttj4eBm4RRi9KZMVKOIdtjKDEEtQ6K6ZIOiraDInPQ5Sc15nle5HJG3VbMWINHIgm569Go7VHPDVso2JR9iDwbgqkhmNlGZraxKYcwxU%2BwGxUsd2Bzgh6vUAqC0hKUlKCUBGVOUPaqPa6sb6sHXNki8c6zf54b1UjnnR26p%2FOOSMlOdkquzAw7S37HpjipJY2I%2B%2B244QdNNxRJg7c4ixM3aMU8akUtBisrSHtp9syBnJCX%2F3%2BATE7I3P%2B%2BQkIPYdUhmLwEWrwGWo4i3wXdGAUtF4P0gKY6Fxnldaa74LpCls8h33J21Cl5ZcYR%2Bn9BsKOlp8%2BuP5wfPAMzFTJT4a58QtBR90e3dUl2b%2BvSkkc3s1x25YBOP%2FVOTnNx%2BZv3xVapDV9bscOv32FTYVoefChsvk5TLtOOJd8uS86FWdWGCfLjmv1YJLcKu7FcmLTI1m%2B9u7rWzYywVup0DCqP7RdgckJeoHo2ra%2Fe%2FQHSjGGKCt3iiJwHpD4Ey7Zhswt6qy%2FDqIueJHNQFtXI%2BMnFoZIT4p89hRJHS9%2F9gZ%2BvqCFoUsGKf128qHfsfXTM66D5vdmg9kyFnqpA1RC2uDzKM3O09GtjFkiUM0qUcXYTZdSXz%2B218qQWNRouDeOmF0VUREngt9qhxyn1g9APQ9pAbifs6qOzvwEAAP%2F%2FAQAA%2F%2F9m72klfAQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 grumblecrytopless.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3cDv594WgmCoDIHDy6YSXdPT%2Fe0ewjGmCUYd5ddRW9SXVUzqU1NV1PVPT2ZU3BB9uBhBP%2BAzneSDWpc3JMnF5msCJtTxlMOBvboUQJ6lZkNRh8U71V9X8GnvvU%2B3ylOiYuCnqx8oAdSKbrYrLu1Nz%2FxvGu1dZkW%2FVq%2FFX4aBtdqpvd2HNbdq7Xrgm3qRd%2F1XNdzvdqqNKKt%2B4tTETI7iL167NYDv%2B41A%2FTNf%2Fe2cGCpA947JS9B8sncE2ceko2Rdr9fEXYz19lb73ULRXNt0OP7H6WbqS5TdC%2FKtnHQTvfPu6Ht8epj6HRvhgvd%2B6cxkRPi%2FPIYSbp%2FDomktzvjTBREioS%2FiLI3hlBjSDoG0%2Fcg%2BTEBGMeNm0i7D25oU9Kt5yqdqhMy9%2BcZZDkhc7%2FNI%2B0%2BXFayX7ujVZFLnVr02xVkfwzZGSMrDpEPLkGWh2D5Z5CcIO1WkPzkDRo0fb%2FpxgvM5%2FFC0GjGC7EbhAttj4eBm4RRi9KZMVKOIdtjKDEEtQ6K6ZIOiraDInPQ5Sc15nle5HJG3VbMWINHIgm569Go7VHPDVso2JR9iDwbgqkhmNlGZraxKYcwxU%2BwGxUsd2Bzgh6vUAqC0hKUlKCUBGVOUPaqPa6sb6sHXNki8c6zf54b1UjnnR26p%2FOOSMlOdkquzAw7S37HpjipJY2I%2B%2B244QdNNxRJg7c4ixM3aMU8akUtBisrSHtp9syBnJCX%2F3%2BATE7I3P%2B%2BQkIPYdUhmLwEWrwGWo4i3wXdGAUtF4P0gKY6Fxnldaa74LpCls8h33J21Cl5ZcYR%2Bn9BsKOlp8%2BuP5wfPAMzFTJT4a58QtBR90e3dUl2b%2BvSkkc3s1x25YBOP%2FVOTnNx%2BZv3xVapDV9bscOv32FTYVoefChsvk5TLtOOJd8uS86FWdWGCfLjmv1YJLcKu7FcmLTI1m%2B9u7rWzYywVup0DCqP7RdgckJeoHo2ra%2Fe%2FQHSjGGKCt3iiJwHpD4Ey7Zhswt6qy%2FDqIueJHNQFtXI%2BMnFoZIT4p89hRJHS9%2F9gZ%2BvqCFoUsGKf128qHfsfXTM66D5vdmg9kyFnqpA1RC2uDzKM3O09GtjFkiUM0qUcXYTZdSXz%2B218qQWNRouDeOmF0VUREngt9qhxyn1g9APQ9pAbifs6qOzvwEAAP%2F%2FAQAA%2F%2F9m72klfAQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3cDv594WgmCoDIHDy6YSXdPT%2Fe0ewjGmCUYd5ddRW9SXVUzqU1NV1PVPT2ZU3BB9uBhBP%2BAzneSDWpc3JMnF5msCJtTxlMOBvboUQJ6lZkNRh8U71V9X8GnvvU%2B3ylOiYuCnqx8oAdSKbrYrLu1Nz%2FxvGu1dZkW%2FVq%2FFX4aBtdqpvd2HNbdq7Xrgm3qRd%2F1XNdzvdqqNKKt%2B4tTETI7iL167NYDv%2B41A%2FTNf%2Fe2cGCpA947JS9B8sncE2ceko2Rdr9fEXYz19lb73ULRXNt0OP7H6WbqS5TdC%2FKtnHQTvfPu6Ht8epj6HRvhgvd%2B6cxkRPi%2FPIYSbp%2FDomktzvjTBREioS%2FiLI3hlBjSDoG0%2Fcg%2BTEBGMeNm0i7D25oU9Kt5yqdqhMy9%2BcZZDkhc7%2FNI%2B0%2BXFayX7ujVZFLnVr02xVkfwzZGSMrDpEPLkGWh2D5Z5CcIO1WkPzkDRo0fb%2FpxgvM5%2FFC0GjGC7EbhAttj4eBm4RRi9KZMVKOIdtjKDEEtQ6K6ZIOiraDInPQ5Sc15nle5HJG3VbMWINHIgm569Go7VHPDVso2JR9iDwbgqkhmNlGZraxKYcwxU%2BwGxUsd2Bzgh6vUAqC0hKUlKCUBGVOUPaqPa6sb6sHXNki8c6zf54b1UjnnR26p%2FOOSMlOdkquzAw7S37HpjipJY2I%2B%2B244QdNNxRJg7c4ixM3aMU8akUtBisrSHtp9syBnJCX%2F3%2BATE7I3P%2B%2BQkIPYdUhmLwEWrwGWo4i3wXdGAUtF4P0gKY6Fxnldaa74LpCls8h33J21Cl5ZcYR%2Bn9BsKOlp8%2BuP5wfPAMzFTJT4a58QtBR90e3dUl2b%2BvSkkc3s1x25YBOP%2FVOTnNx%2BZv3xVapDV9bscOv32FTYVoefChsvk5TLtOOJd8uS86FWdWGCfLjmv1YJLcKu7FcmLTI1m%2B9u7rWzYywVup0DCqP7RdgckJeoHo2ra%2Fe%2FQHSjGGKCt3iiJwHpD4Ey7Zhswt6qy%2FDqIueJHNQFtXI%2BMnFoZIT4p89hRJHS9%2F9gZ%2BvqCFoUsGKf128qHfsfXTM66D5vdmg9kyFnqpA1RC2uDzKM3O09GtjFkiUM0qUcXYTZdSXz%2B218qQWNRouDeOmF0VUREngt9qhxyn1g9APQ9pAbifs6qOzvwEAAP%2F%2FAQAA%2F%2F9m72klfAQAAA%3D%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a9f979c3c8f5ea15e97abf3b63a7cb3
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a72130ae7c499a48ceed4d717ba04279
686cf6c69ee0bc3b20f334e1f40162b0a348ece2
18117375cc72fba620f3e53df7f99a61ab02c4adf834566eb46d63be66f1ca54
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18117375CC72FBA620F3E53DF7F99A61AB02C4ADF834566EB46D63BE66F1CA54"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7308
Expires: Tue, 20 Sep 2022 14:30:23 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a72130ae7c499a48ceed4d717ba04279
686cf6c69ee0bc3b20f334e1f40162b0a348ece2
18117375cc72fba620f3e53df7f99a61ab02c4adf834566eb46d63be66f1ca54
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "18117375CC72FBA620F3E53DF7F99A61AB02C4ADF834566EB46D63BE66F1CA54"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7308
Expires: Tue, 20 Sep 2022 14:30:23 GMT
Date: Tue, 20 Sep 2022 12:28:35 GMT
Connection: keep-alive
grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=187
192.243.59.13200 OK 0 B URL HTTP/1.1 grumblecrytopless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=187
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=187 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.200.2200 OK 930 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.200.2:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b52cd36802689df4b494eb105d335c36
5dc306bfef201392c1a9bbcf34bd1a8cff037618
a84b306f72f1076fbab9c8314de0b5e9f653a90151650b3fdf70cf343ae7b1a7
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4155862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FUj5n%2BnkggJzUFiky8q%2FIFxPiBKFrHPO8R%2B7%2FcGWhqL8PcVWnxo7GPa92n6gAYPqrGLbrnPpNfPCrnTJsWJ0DVTP8tRrLBS8OeKfXmlcjI6vgAL7L%2F0SFAGMq7vRo7IWAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fd49de575b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9645643e1a43d77b51841592522035e
f68948762b7c3e69fab5f71bf690f77b6cd76155
aa340c2215536bc9f307bd8c245f43b792f19dd5ee4b528621054ea8bcac9ca3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA340C2215536BC9F307BD8C245F43B792F19DD5EE4B528621054EA8BCAC9CA3"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19243
Expires: Tue, 20 Sep 2022 17:49:19 GMT
Date: Tue, 20 Sep 2022 12:28:36 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.200.2200 OK 1.5 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.200.2:0
Hash 908dce303e802b45f99455bfa3c26ef2
2f064693d34a6eac3903455fc3de8477c4554e40
60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 10285
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ40yUWdEVMkPI4NSGMXI3RvagykCTRduLEa0hbazuxVjaIwC564gufGVXGb2gOLq50ETZpXLg%2FwAZq%2BURoVXPvvKZinyKxp0C6ZoS5%2BW1eQ8ZhKYmZnxodFwbxT2HM1dMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fd46d9875b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg
45.133.44.10200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 62eb9d272cfc03bdc42f5abd423d2dcd
8436ae8ad0ac45946b1bf0fe5768cd868cd8c6a2
0a52e8bbbbe749849d27811ef7404a6623f8908ca7d00f902fc927dab7b828a2
GET /si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:36 GMT
content-type: image/jpeg
content-length: 11151
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:48:10 GMT
etag: "62d5487a-2b8f"
expires: Thu, 22 Sep 2022 12:28:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.4200 OK 746 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash e50a35b3213e4e8e2f01090c8a73aeed
47f9cbbaa0c6501c987c7ee22570db1b527bb41f
a352f512723c75e0b3e5d97f8026bdf888591ab3dd336421447e36b58b51accc
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 20 Sep 2022 13:28:35 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.200.2200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.200.2:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:35 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 110014
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB2nTOcsiLVAqUDFHP0FmkGzyWBZvq0%2FE3lDiKAPIpLOyOjczZXrmWlQkEtIuJMXbvVUWopYNSXbAah3OGhc%2Fn%2Bpo7hmA7ZBmECe8ggZvrkx9HD8cNbMnYc7iim%2B6hE9f7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fd46d9675b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 492868
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 492868
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3cD3694WgmCoDIHDy6YSXdPzy%2F3EIwxSzDuLruK3qR%2B9aQ2NV1NVff0ZE7BBdmDhxH8AzrPJBvUuLgnTy4yWRE2p4ynHAzs0aME9CozG4y%2B0Lxv1%2FMWfOp538938lPiI6cnKx%2BYgdKaLtarfuXNT4LgWmVdJXm%2F0m81Pm1E1yq293a7UfWvVq5LvmkWQz%2Fw%2FcAPKqvKytj0F6ciVHrQDqptvxqF1aAeoW%2F%2F%2B%2B9yD456EL1T8hKUmMw98eah%2BBhJ9%2FsV6TYzk771XjfXNDMWPbH%2FUbKZmCJB96KMrYc42T%2FvhnHHq49hkr0ZLkzvn0amJsT75TFYsn8OCdbbnXEyDZmAiRdR9MaQegxFx%2BDmHpQ4JgAXuHETSffBDWMLuvVcpVN1Qub%2BPIMqJmTut3kk3YfLWvUrd4zOM2USh35cQvXHUJ0x0vwQ2eASVHEInn0GJQiSbgklTt6gUT0M6357gYeivRDV6u2Fth81FuJANCKfNZotSmfGKDWGisfQcgjqPOTTT3nIYw956qErTio8CIKmLzj1W23Oa6IpWUP4AW3GAQ38Rgs5n7IPkaVDcD0Et9tI7TY21RA2%2Fwluo4QTHlxG0BMlCklQOIKCEhSKoMgIil65J7QLXflAaJez4DyH57lWjkzW2aF7JuvIhOykp%2BTKzLAz9js25UmF1ZoijNu1MKr7DclqoiV4m%2FlRqy2arWaLw6kSyl2aPXOgJuTl%2Fx8gVRMy97%2BvwOghnD4EV5dA89dAi1Ez9EE3RlHLxyA5oInJZEpFlZsuhCmRZnPItrwdfUpemXE0wr8g%2BdHS02fXH84PnoHbEqktcVc9Iejo%2B6PbpiC7t03hyKObaaa6akCnQ72T0Uxe%2FuZ9uVUYK9ZW3PDrd%2FhUmJYHH0qXrdNEqKTjyLfLSghpV43lkvy45j6W7FbuNpZzm%2BTp%2Bq13V9e6qZXOKZOMQdWx%2BwJcTcgL1My29dW7P0DZMWxeopsfkfOAMofg6TZcekHvzGVYfdHDUg9FXo5syC4OtZqQ8OwptDxa%2Bu4P%2FHxFD0FZCSf%2FdfGi3nH30bGvg2b3ZovasyV6ugTVQ7j88ihL7dHSr7VZgGlvxLT1dpm2%2Bsvn9jp1Uqn5oslkLJtMRvUollywep35PObTkbc4MjfhVx%2Bd%2FQ0AAP%2F%2FAQAA%2F%2F%2FmO7zNfAQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 grumblecrytopless.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3cD3694WgmCoDIHDy6YSXdPzy%2F3EIwxSzDuLruK3qR%2B9aQ2NV1NVff0ZE7BBdmDhxH8AzrPJBvUuLgnTy4yWRE2p4ynHAzs0aME9CozG4y%2B0Lxv1%2FMWfOp538938lPiI6cnKx%2BYgdKaLtarfuXNT4LgWmVdJXm%2F0m81Pm1E1yq293a7UfWvVq5LvmkWQz%2Fw%2FcAPKqvKytj0F6ciVHrQDqptvxqF1aAeoW%2F%2F%2B%2B9yD456EL1T8hKUmMw98eah%2BBhJ9%2FsV6TYzk771XjfXNDMWPbH%2FUbKZmCJB96KMrYc42T%2FvhnHHq49hkr0ZLkzvn0amJsT75TFYsn8OCdbbnXEyDZmAiRdR9MaQegxFx%2BDmHpQ4JgAXuHETSffBDWMLuvVcpVN1Qub%2BPIMqJmTut3kk3YfLWvUrd4zOM2USh35cQvXHUJ0x0vwQ2eASVHEInn0GJQiSbgklTt6gUT0M6357gYeivRDV6u2Fth81FuJANCKfNZotSmfGKDWGisfQcgjqPOTTT3nIYw956qErTio8CIKmLzj1W23Oa6IpWUP4AW3GAQ38Rgs5n7IPkaVDcD0Et9tI7TY21RA2%2Fwluo4QTHlxG0BMlCklQOIKCEhSKoMgIil65J7QLXflAaJez4DyH57lWjkzW2aF7JuvIhOykp%2BTKzLAz9js25UmF1ZoijNu1MKr7DclqoiV4m%2FlRqy2arWaLw6kSyl2aPXOgJuTl%2Fx8gVRMy97%2BvwOghnD4EV5dA89dAi1Ez9EE3RlHLxyA5oInJZEpFlZsuhCmRZnPItrwdfUpemXE0wr8g%2BdHS02fXH84PnoHbEqktcVc9Iejo%2B6PbpiC7t03hyKObaaa6akCnQ72T0Uxe%2FuZ9uVUYK9ZW3PDrd%2FhUmJYHH0qXrdNEqKTjyLfLSghpV43lkvy45j6W7FbuNpZzm%2BTp%2Bq13V9e6qZXOKZOMQdWx%2BwJcTcgL1My29dW7P0DZMWxeopsfkfOAMofg6TZcekHvzGVYfdHDUg9FXo5syC4OtZqQ8OwptDxa%2Bu4P%2FHxFD0FZCSf%2FdfGi3nH30bGvg2b3ZovasyV6ugTVQ7j88ihL7dHSr7VZgGlvxLT1dpm2%2Bsvn9jp1Uqn5oslkLJtMRvUollywep35PObTkbc4MjfhVx%2Bd%2FQ0AAP%2F%2FAQAA%2F%2F%2FmO7zNfAQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3cD3694WgmCoDIHDy6YSXdPzy%2F3EIwxSzDuLruK3qR%2B9aQ2NV1NVff0ZE7BBdmDhxH8AzrPJBvUuLgnTy4yWRE2p4ynHAzs0aME9CozG4y%2B0Lxv1%2FMWfOp538938lPiI6cnKx%2BYgdKaLtarfuXNT4LgWmVdJXm%2F0m81Pm1E1yq293a7UfWvVq5LvmkWQz%2Fw%2FcAPKqvKytj0F6ciVHrQDqptvxqF1aAeoW%2F%2F%2B%2B9yD456EL1T8hKUmMw98eah%2BBhJ9%2FsV6TYzk771XjfXNDMWPbH%2FUbKZmCJB96KMrYc42T%2FvhnHHq49hkr0ZLkzvn0amJsT75TFYsn8OCdbbnXEyDZmAiRdR9MaQegxFx%2BDmHpQ4JgAXuHETSffBDWMLuvVcpVN1Qub%2BPIMqJmTut3kk3YfLWvUrd4zOM2USh35cQvXHUJ0x0vwQ2eASVHEInn0GJQiSbgklTt6gUT0M6357gYeivRDV6u2Fth81FuJANCKfNZotSmfGKDWGisfQcgjqPOTTT3nIYw956qErTio8CIKmLzj1W23Oa6IpWUP4AW3GAQ38Rgs5n7IPkaVDcD0Et9tI7TY21RA2%2Fwluo4QTHlxG0BMlCklQOIKCEhSKoMgIil65J7QLXflAaJez4DyH57lWjkzW2aF7JuvIhOykp%2BTKzLAz9js25UmF1ZoijNu1MKr7DclqoiV4m%2FlRqy2arWaLw6kSyl2aPXOgJuTl%2Fx8gVRMy97%2BvwOghnD4EV5dA89dAi1Ez9EE3RlHLxyA5oInJZEpFlZsuhCmRZnPItrwdfUpemXE0wr8g%2BdHS02fXH84PnoHbEqktcVc9Iejo%2B6PbpiC7t03hyKObaaa6akCnQ72T0Uxe%2FuZ9uVUYK9ZW3PDrd%2FhUmJYHH0qXrdNEqKTjyLfLSghpV43lkvy45j6W7FbuNpZzm%2BTp%2Bq13V9e6qZXOKZOMQdWx%2BwJcTcgL1My29dW7P0DZMWxeopsfkfOAMofg6TZcekHvzGVYfdHDUg9FXo5syC4OtZqQ8OwptDxa%2Bu4P%2FHxFD0FZCSf%2FdfGi3nH30bGvg2b3ZovasyV6ugTVQ7j88ihL7dHSr7VZgGlvxLT1dpm2%2Bsvn9jp1Uqn5oslkLJtMRvUollywep35PObTkbc4MjfhVx%2Bd%2FQ0AAP%2F%2FAQAA%2F%2F%2FmO7zNfAQAAA%3D%3D HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38cd665bcac21eeb099d868d9905ade1
Strict-Transport-Security: max-age=0; includeSubdomains
grumblecrytopless.com/pixel/sbs?c=1
192.243.59.13200 OK 0 B URL HTTP/1.1 grumblecrytopless.com/pixel/sbs?c=1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: grumblecrytopless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=a4522509-c2d9-4359-9046-f1d640b678aa:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551991]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 20 Sep 2022 12:28:36 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
addresseepaper.com/sfp.js
172.64.132.22200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.132.22:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 1632acf398258db24b2ad627eb73a201
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 20 Sep 2022 12:28:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT9nhQQh1Ch7An2EgFLfsnYOEjxvLJz1ZIj20JPY3QGWwrrf%2F%2F570lRrGKY08YBYmX%2B%2B57HRwGtcKxmq88KZ4O4kzxCt%2FA6%2FlOMxmh1eOO%2F3K3DvxrdP%2BcBZa0XCKpQ%2Bb3RAGJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fc5092688ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.105.16200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.105.16:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 12:28:34 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c7c425c1f08f7c4d539b9ce88c8dd0c1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 20 Sep 2022 12:28:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tn5TB%2Fz36V6HRKn3QQ0or33ot2kW%2FrIMWknkEk6ExXEaohWJqZZCPfyxC2a0RVKJTnTolx3DOgPnpNGsxN7LyV6vnqfw25Zeu4e99pWs1iz61PDf1JI9YdROf8CKLGg8J%2F9FiPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74da8fca6b1974d9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1
143.204.55.18200 OK 0 B URL HTTP/2 cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1
IP 143.204.55.18:0
GET /bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Thu, 14 Sep 2023 06:10:39 GMT
last-modified: Wed, 14 Sep 2022 06:10:39 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 14 Sep 2022 06:10:38 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5kCQyY4TxBuvwoq-wxh5KY5pD_FSydGsOItWNjBQKSNnkO1HqIGUIA==
age: 541076
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
IP 142.250.74.10:0
GET /css2?family=Lato:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 12:28:32 GMT
date: Tue, 20 Sep 2022 12:28:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2