Report - anotepad.com/notes/83nk9j2y

Report Overview

Submitted URL
anotepad.com/notes/83nk9j2y
IP
207.244.104.157
ASN
#30633 LEASEWEB-USA-WDC
Submitted
2022-09-22 04:09:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	58 kB	142.250.74.163
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	20 kB	142.250.74.174
cdn.sb4you1.com	22321	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	823 B	1.9 kB	172.64.201.2
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	17 kB	45.133.44.9
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	12 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	1.6 kB	216.58.211.10
quarrelaimless.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	14 kB	192.243.61.225
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.59.12
a.pub.network	6324	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	2.0 kB	172.67.68.60
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.7 kB	143.204.42.88
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
m.media-amazon.com	580	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	194 kB	143.204.53.204
cdn.anotepad.com	724042	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	28 kB	143.204.55.18
z.moatads.com	374	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	1.4 kB	23.38.201.146
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	584 B	707 B	142.251.1.156
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	497 B	694 B	142.250.74.3
m.addthis.com	1448	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	361 B	23.38.200.123
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	118 kB	104.17.25.14
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.23
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	23.36.77.32
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	405 B	3.64.106.196
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	498 B	694 B	142.250.74.164
cdn.barscreative1.com	25648	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	386 B	45.133.44.3
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	742 B	559 B	216.239.32.36
www.destinationlighting.com	610101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	89 kB	147.135.60.20
s7.addthis.com	1504	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	860 B	144 kB	23.38.200.123
v1.addthisedge.com	1721	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	463 B	23.38.200.123
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	960 B	172.64.193.5
anotepad.com	192286	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	6.6 kB	207.244.104.157
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.4 kB	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	45 kB	142.250.74.72
pl16023739.revenuenetworkcpm.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	18 kB	192.243.59.13
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	100.20.30.105
varietiesplea.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.7 kB	9.1 kB	173.233.137.36
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	24 kB	172.64.105.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-22	medium	cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-22	medium	quarrelaimless.com	Sinkholed
2022-09-22	medium	unseenreport.com	Sinkholed
2022-09-22	medium	unseenreport.com	Sinkholed
2022-09-22	medium	varietiesplea.com	Sinkholed
2022-09-22	medium	varietiesplea.com	Sinkholed
2022-09-22	medium	varietiesplea.com	Sinkholed
2022-09-22	medium	varietiesplea.com	Sinkholed
2022-09-22	medium	varietiesplea.com	Sinkholed
2022-09-22	medium	varietiesplea.com	Sinkholed
2022-09-22	medium	varietiesplea.com	Sinkholed

JavaScript (21)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 14:28:53 Times Seen118702 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js	40 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 04:42:11 Times Seen12200 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c	215 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:00:11 Last Seen2023-03-07 23:00:11 Times Seen1 Hash fd61a99b48c236f2db0ffee3b07ffe3c 33f092b124650ca97cddbb844053e8bc61e9b97d 2a6f58598b0f1ec4dc83997052d2dba44700b98ba3d6994399d341a15f05073d Loading...

	anotepad.com/notes/83nk9j2y	83 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/83nk9j2y IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 5b9ba8c7336bc03b70ee825d67293d70 14ce9f2b7ef27b4595ce6d501388cef99ba66867 71625044733d0cbc032c032fa1f5a1ce246dd700a717165fde28dc7cf23f892a Loading...

	anotepad.com/notes/83nk9j2y	706 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/83nk9j2y IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 5d7aff84c39145baf56b3b1623a9996f 95424fdc21c6e3fe19a059d35fb23868b809a46e 0f2ddc50af3d0990a3d4596b8f99d8d1ceb3d1a3f35cecc3b39c387c56fea05d Loading...

	pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js	54 kB	2023-03-07	2023-03-07
Pretty URL pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:00:11 Last Seen2023-03-07 23:00:11 Times Seen1 Hash ae8be62f96b93252ff34ef86c12d4fe5 156e4adfb481aa4b756967bfc26acd0110db5a39 ab2e84e56547a90029bae2385ae2e3f71ef32f9a322bd30c3a76326caafd66dc Loading...

	s7.addthis.com/js/300/addthis_widget.js#pubid=ra-56846750fb16a611	361 kB	2023-03-07	2023-11-23
Pretty URL s7.addthis.com/js/300/addthis_widget.js#pubid=ra-56846750fb16a611 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-23 23:37:41 Times Seen4632 Hash 61dcfa8958e6a7cc3f23b3b4758ee178 c4313cf29a2c056422ab798a2d088743c0972e97 acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	quarrelaimless.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js	37 kB	2023-03-07	2023-03-07
Pretty URL quarrelaimless.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-03-07 23:51:57 Times Seen1 Hash 24c61dc8efb83884abee7107662c96af a0920fa21eb0b6a68235853c852f53d5fca18365 b22e6009ec715a71557b5e64afab0f242037b139303594ed018f0e9ce7505be9 Loading...

	s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.21863130361108518&iit=1663819751906&tmr=load%3D1663819751373%26core%3D1663819751386%26main%3D1663819751904%26ifr%3D1663819751910&cb=0&cdn=0&md=0&kw=&ab=-&dh=anotepad.com&dr=&du=https%3A%2F%2Fanotepad.com%2Fnotes%2F83nk9j2y&href=https%3A%2F%2Fanotepad.com%2Fnotes%2F83nk9j2y&dt=Ways%20to%20Add%20Beauty%20and%20Functionality%20to%20Home%20with%20Fitter%20Glass%20Shades%20-%20Online%20Notepad&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=en&ogt=&pc=men&pub=ra-56846750fb16a611&ssl=1&sid=632bdfe71a6db9c1&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=0&xld=1&xd=1	72 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.21863130361108518&iit=1663819751906&tmr=load%3D1663819751373%26core%3D1663819751386%26main%3D1663819751904%26ifr%3D1663819751910&cb=0&cdn=0&md=0&kw=&ab=-&dh=anotepad.com&dr=&du=https%3A%2F%2Fanotepad.com%2Fnotes%2F83nk9j2y&href=https%3A%2F%2Fanotepad.com%2Fnotes%2F83nk9j2y&dt=Ways%20to%20Add%20Beauty%20and%20Functionality%20to%20Home%20with%20Fitter%20Glass%20Shades%20-%20Online%20Notepad&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=en&ogt=&pc=men&pub=ra-56846750fb16a611&ssl=1&sid=632bdfe71a6db9c1&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=0&xld=1&xd=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-06 01:05:13 Times Seen3063 Hash 7d5b5e32745c7b2e10b41554f0dc4142 2fe0a408b06fb8a44f7c1b54ad4f1b70204584ab 7eae26867a4cf6c29d2fbc4cbf3a222058ba71a9ceb7ff0d6d96c3cfb462cc81 Loading...

	anotepad.com/notes/83nk9j2y	337 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/83nk9j2y IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 7ed8d094acd4ca41435478d71d181ff3 a8c5a39c74ed6f55d3d160f6fab48ae8ed8d06d6 5daf8f0671a577e7b3e7ed96c134a1cdfd026fa344d72a58722b402d03366068 Loading...

	cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1	19 kB	2023-03-07	2023-03-07
Pretty URL cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1 IP 143.204.55.18 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-07 23:51:57 Times Seen1 Hash 1412e3592a9fde6d7f419cb94c1e55bc 24d4ae92a25b030c23c103eef3909bd29e6c038e 31a0670506a649405f6027937f2b64043f74622b6216d1130fd87538fde72419 Loading...

	v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp	166 B	2023-03-07	2023-05-05
Pretty URL v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:22 Last Seen2023-05-05 09:27:43 Times Seen156 Hash ce1e291468dd80d09650c7b039de0f29 940e37be1fa48f3664d60f4585e5b738eff25f06 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028 Loading...

	cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js	254 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:34 Last Seen2024-04-25 14:19:06 Times Seen6567 Hash c15b1008dec3c8967ea657a7bb4baaec 78489e580adaef931e6e5b131dab556c397e4a1a 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NQC99C3	115 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NQC99C3 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:00:11 Last Seen2023-03-07 23:00:11 Times Seen1 Hash 05bed79eebea51da16976de79f5041e7 0f4163e4105a6a69eac269eda86c10f6b3645dbc a210cc69c5b98e308130bf1cf720c947098089d2510f040ae3423f94f79ff852 Loading...

	anotepad.com/notes/83nk9j2y	166 B	2023-03-07	2023-03-07
Pretty URL anotepad.com/notes/83nk9j2y IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:00:11 Last Seen2023-03-07 23:00:11 Times Seen1 Hash 47bf3a11a8727856eb02bf185823c95c 3aa09c10d6cba1b5350fcba6c33a19e1dcea1148 a58c49266164e39b1cac321a2870c0fb349db4b170b107a34837c563e3d7073e Loading...

	z.moatads.com/addthismoatframe568911941483/moatframe.js	1.7 kB	2023-03-07	2023-11-01
Pretty URL z.moatads.com/addthismoatframe568911941483/moatframe.js IP 23.38.201.146 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-01 14:42:28 Times Seen4278 Hash dd1a19cb8d13e4571d2b293c0a0d2ccf 18070dd5c894930a8aef7117bf8d49bd4922a723 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Loading...

	m.addthis.com/live/red_lojson/300lo.json?si=632bdfe71a6db9c1&bkl=0&bl=1&pdt=852&sid=632bdfe71a6db9c1&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F83nk9j2y&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663819751914&jsl=1&uvs=632bdfe70a063224000&skipb=1&callback=addthis.cbs.jsonp__176288228165508820	90 B	2023-03-07	2023-03-07
Pretty URL m.addthis.com/live/red_lojson/300lo.json?si=632bdfe71a6db9c1&bkl=0&bl=1&pdt=852&sid=632bdfe71a6db9c1&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F83nk9j2y&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663819751914&jsl=1&uvs=632bdfe70a063224000&skipb=1&callback=addthis.cbs.jsonp__176288228165508820 IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:00:11 Last Seen2023-03-07 23:00:11 Times Seen1 Hash 3d157be773f775ec5282f5f7139aa2cb aa1a3294fbba8c65d4a4ee18cfb09b5cb00d80ab 3349cbc7a5bcce19070f17f285ad25d263b50dca87c6a6f582b5c5ada290cf8d Loading...

	http:blank	659 B	2023-03-07	2023-03-17
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 75fc8e1b2ede9448b2e6ecdf2e824bc7 2d61bc3c87171fc848fe1a87c51afd3c6e97100c 82079cb7930624716fcb67c1a72e879a06d62f6076a4b45aff70d16996d8e43e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 449bf5704205ea90d9021bf85b4300cd	11 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3353 Hash 449bf5704205ea90d9021bf85b4300cd a8401782462f9e0afe2435dea38cb79ac66d83af 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16 Loading...

	#2 Eval - 062687690045026856f53e20000732e7	8 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3365 Hash 062687690045026856f53e20000732e7 907a784295139ac62a25fed0fe9636c8a3a5b3af 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f Loading...

HTTP Transactions (97)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 03:13:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4k1kq9KPMK8wYGZdROK80ctJxGP4sdEAkqaFL0i7-KcMXg3Cx5RzeQ==
Age: 3315

anotepad.com/notes/83nk9j2y

207.244.104.157

301 Moved Permanently

158 B

URL HTTP/1.1
anotepad.com/notes/83nk9j2y
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
158 B (158 bytes)
Hash
60c95da62833ac8dc1a90f93a66bbb50
c3eb7cf4e2959d19767cacf05cd027b69b4c1386
310f348f3000939d476d88f6f25cc97515f7ad8f990df022242715ad4ffeaf25

HTTP Headers

GET /notes/83nk9j2y HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://anotepad.com/notes/83nk9j2y
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Thu, 22 Sep 2022 04:09:12 GMT
Content-Length: 158

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3531
Expires: Thu, 22 Sep 2022 05:08:00 GMT
Date: Thu, 22 Sep 2022 04:09:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16536
Expires: Thu, 22 Sep 2022 08:44:45 GMT
Date: Thu, 22 Sep 2022 04:09:09 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: UPXN9JSOcULm/EXgnQgQEQEhMGhH+PoqpVAp941b257n+cM7ntA4vSwiw59p8Oz3N42irzAOhHw=
x-amz-request-id: J4Y2YE23HA9R5JCR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Sep 2022 03:43:36 GMT
age: 1533
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:09:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

anotepad.com/notes/83nk9j2y

207.244.104.157

200 OK

5.4 kB

URL HTTP/1.1
anotepad.com/notes/83nk9j2y
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2343), with CRLF line terminators
Size
5.4 kB (5360 bytes)
Hash
a62f4593093270ff43df6e15aa4bbed6
886a24e7d63671721c97bf1ba530df0a00b38a10
4a349ac6910063d1db4dafb7f895e00565437ede1302e4e56e15aff751fd4ab9

HTTP Headers

GET /notes/83nk9j2y HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Thu, 22 Sep 2022 04:09:12 GMT
Content-Length: 5360

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 04:03:23 GMT
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:54:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nYLt2bdzZU_Yi8AvLwTkLfPMfa30zZu650zYskc0g_nbmqJZh9Dqmw==
Age: 348

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css

104.17.25.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65369)
Size
16 kB (16120 bytes)
Hash
d3a47d1d66fc94ed3f89d9e77cd1a122
92b01371dd02a4157abb9cfdfb6c63b9c7a4eee9
3b1897163caeb1738a1bc8d6ec7db9b903b3fc21d91b586714e19fedd46a3d5d

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:10 GMT
content-type: text/css; charset=utf-8
content-length: 16120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1da71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1160976
expires: Tue, 12 Sep 2023 04:09:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11XoVb0%2F5e5rSkYVQcea%2F%2Fj9fMjvfYoFGfJWvOQVoNTVhiBArnN6oP0Nj2JWj2Klry4g6PfdKrz%2FsGZCgjU5fdzYPWH7AE4FQ99OK1XnMDUoa3FSD8YATHyPvWnv5NJ9SCLGT%2Bmx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e82eff5dbdb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.25.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32077)
Size
30 kB (30360 bytes)
Hash
5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1163904
expires: Tue, 12 Sep 2023 04:09:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRP%2BVxfuaJC6xbWH%2FTHXno%2FqzFiFkHIQNiaxydICUIEgzdNYNX3WUQMeDwyh3ZVzUFk5AwWdzoqSBX9lMOJ1s4%2FeQ%2B1rL0QiEIFknPhbDHtAqUygYVId8CexJ5VI0z5H4jzR9mVr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e82eff6dc9b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

104.17.25.14

200 OK

57 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32074)
Size
57 kB (57137 bytes)
Hash
8486da289409cd85cf8b6fd169c721c4
72d46568b1412639c71f218761c4e637773c4bfc
552f8314a7e6f840ab958f4a71ee38b747deb74634ea9797806f38c95b48c3ef

HTTP Headers

GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9260199
expires: Tue, 12 Sep 2023 04:09:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoXnzRRzLQ%2BlO2mPaldjPl4fqzMV9w9Abx0eP7Bs473srdaw5jFVPz1cqk4v3ZyM%2BqA6WiKeNa0%2FBWsZxnsn0pDjXpffB%2FUOzoI8bczKqpKlwNOhfSOjEDZt%2B6otJL5JtKl0TFs%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e82eff6dccb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js

104.17.25.14

200 OK

9.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (39553)
Size
9.7 kB (9687 bytes)
Hash
6a83a42b86273faf5b5636e7ca26e596
a4fa1db5a05a11de643326e1041f4540f1ca8bc5
e08073d20d6668bc5a0a676b2c51ad8fb5f4293de4f85e71d14dda246f69c12e

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 9687
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-9b00"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 209476
expires: Tue, 12 Sep 2023 04:09:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MspCyOp6%2BiFbE7FJPBkmRLyaviAchqOcaiP0%2BSiqOLrokyulvuCAXkpXaxhbEyDbY%2FBE%2BNzjpoXN51TGAE4UCTgeZbdMKWgUfq0CZh1R98OqIyZR%2Ft19vIJHmhn4CTt7AaPD4ldH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e82effade7b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5513
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:10 GMT
Last-Modified: Thu, 22 Sep 2022 02:37:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtm.js?id=GTM-NQC99C3

142.250.74.72

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
44 kB (44377 bytes)
Hash
ab83f821c9edc6b6541abbb5ba094958
4f5ba9a64fa842fe31f23938c40187959f109915
d76c283bfb98a46d9e56156c2fe35e5bde3eac258fd7843dbd61af7b44bbe395

HTTP Headers

GET /gtm.js?id=GTM-NQC99C3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 04:09:10 GMT
expires: Thu, 22 Sep 2022 04:09:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44377
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

m.media-amazon.com/images/I/71Wi6jWMjCL._AC_SL1500_.jpg

143.204.53.204

200 OK

193 kB

URL HTTP/2
m.media-amazon.com/images/I/71Wi6jWMjCL._AC_SL1500_.jpg
IP
143.204.53.204:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3\012- data
Size
193 kB (192883 bytes)
Hash
acc8c03ebf63329a36786f41ad3aa28b
9fabfaf51656022e417dcd9a3aff96933ad015e2
228a881f647f71cb32165ca23e4403b624ab464badc337be8a640e881da75cd8

HTTP Headers

GET /images/I/71Wi6jWMjCL._AC_SL1500_.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 192883
server: Server
date: Fri, 09 Sep 2022 18:42:05 GMT
x-amz-ir-id: d9f14634-0fa3-44ae-b0fc-83b66e57fc9b
expires: Thu, 04 Sep 2042 18:42:05 GMT
cache-control: max-age=630720000,public
surrogate-key: x-cache-860 /images/I/71Wi6jWMjCL
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-860,/images/I/71Wi6jWMjCL
access-control-allow-origin: *
last-modified: Wed, 29 Apr 2020 08:23:54 GMT
x-nginx-cache-status: MISS
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GuHSBmINzy64bzy98BdO3R7aLrLwjbjmUF1L5tji0r5NKkzUPzjbcA==
age: 1070825
X-Firefox-Spdy: h2

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gMrra/ZB1+HTd1WwtvtRTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tFNu8xM1afoBx6ygr8npqh2GM9k=

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
288875491f58edf31b9b99573585cf47
62618c3a75126d1e5810887c84f9dec8a5693205
e57719f3141bd48987fd6827252129ff5c385472125c5bb88070fed0ddd49c43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:09:10 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I8w1QxIzPlbEt0f7z-86H8LKmQkIakSptTLmxn6RTdWO8s0O7eKkQQ==

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
288875491f58edf31b9b99573585cf47
62618c3a75126d1e5810887c84f9dec8a5693205
e57719f3141bd48987fd6827252129ff5c385472125c5bb88070fed0ddd49c43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:09:10 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aO-dO-ekD7jrEjU4PPQAlu3oMPh5KJY1aTDs-J61atoyAfXrF0dYzA==

cdn.anotepad.com/images/badge_applestore.png

143.204.55.18

200 OK

3.1 kB

URL HTTP/2
cdn.anotepad.com/images/badge_applestore.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 239 x 80, 8-bit colormap, non-interlaced\012- data
Size
3.1 kB (3050 bytes)
Hash
4e97ce0a8ea4025ed15e9c19079ca4b6
948efc3776eb186349cf0cec535a82833c56cd6f
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0

HTTP Headers

GET /images/badge_applestore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3050
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Tue, 20 Sep 2022 04:03:05 GMT
etag: "82bdb9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7UGTiQIvZWROz0zEQJCVIHyHKykr6CEPkHJfl3qnYJ9FH7e2ntrzHA==
age: 173166
X-Firefox-Spdy: h2

cdn.anotepad.com/images/badge_playstore.png

143.204.55.18

200 OK

3.7 kB

URL HTTP/2
cdn.anotepad.com/images/badge_playstore.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 270 x 80, 8-bit colormap, non-interlaced\012- data
Size
3.7 kB (3709 bytes)
Hash
d4ce4d823f6777f6c4997ad89d50d8fc
3c61260e346bb30109d29009fb90b0625cb1be60
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6

HTTP Headers

GET /images/badge_playstore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3709
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Sun, 18 Sep 2022 18:15:37 GMT
etag: "bf8eda9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: joihegKk1RhoQnEeKPBi4EhnbGx3Pk6SqefUufE90sxrveyCpFPjig==
age: 294812
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
bd44646d6e00a35e7e08de68b78e01ec
2ac0b25e107e5654aa780d642be07215874ea73a
68481404cff0ed8c467515446c4f761e671492400fe2bb45ec81ba0a59710ae9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:10 GMT
Last-Modified: Thu, 22 Sep 2022 02:54:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
88864564eccd271cdd9c2c1bb36f3e74
48b793d8224d2b50b0bf88d5c71bb256e3a6bce4
dc656cc817c951f28e4d4d25476b027e5aa6ca62e0ff21af98ee7d458a8ac03c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 04:09:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 20:56:09 GMT
Expires: Thu, 22 Sep 2022 20:56:09 GMT
ETag: "48b793d8224d2b50b0bf88d5c71bb256e3a6bce4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2ef2fb8b39a0404295814a0bc676cfe0
d85dab9c4b02f407f20cc3aaff784a68835ca578
1e683e3ffb4e486d36304d6c8ecd63b6dcbe730dd90de3c7ee7be8a088371fb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E683E3FFB4E486D36304D6C8ECD63B6DCBE730DD90DE3C7EE7BE8A088371FB1"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9758
Expires: Thu, 22 Sep 2022 06:51:48 GMT
Date: Thu, 22 Sep 2022 04:09:10 GMT
Connection: keep-alive

cdn.anotepad.com/Images/icons/icon_language_light.png

143.204.55.18

200 OK

2.8 kB

URL HTTP/2
cdn.anotepad.com/Images/icons/icon_language_light.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2752 bytes)
Hash
41246beeea403683c91ce0c8f754bd8c
d89c21eb936491b8ba00b09fd9351813643961cd
84d8eb6af559cc3d679dcbbdc021f2bcd43b699edaf99c7443b0e30c1e65e205

HTTP Headers

GET /Images/icons/icon_language_light.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
Cookie: _ga_6PG3MM86KX=GS1.1.1663819750.1.0.1663819750.0.0.0; _ga=GA1.1.1178988000.1663819750
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2752
last-modified: Thu, 16 Dec 2021 08:59:54 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Tue, 20 Sep 2022 01:53:17 GMT
etag: "061b44a5bf2d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RfMcProCw3GLT-eBS2svg_edRnXgdc73CN2HA1ej0QR6S3Of1Dn3LQ==
age: 180954
X-Firefox-Spdy: h2

cdn.anotepad.com/Images/icon_sprites.png?v1

143.204.55.18

200 OK

15 kB

URL HTTP/2
cdn.anotepad.com/Images/icon_sprites.png?v1
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1824 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14982 bytes)
Hash
f32de01b6b72a3232f70853b25b9ca75
f97632426ea1e1c9b8031cd67e4c903d3cf94661
f01231a50ecc9c14b80f5f743ed5aeeec39f27867fb70b9b8e79f836f4af078f

HTTP Headers

GET /Images/icon_sprites.png?v1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
Cookie: _ga_6PG3MM86KX=GS1.1.1663819750.1.0.1663819750.0.0.0; _ga=GA1.1.1178988000.1663819750
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 14982
last-modified: Sat, 13 Nov 2021 20:56:42 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Thu, 22 Sep 2022 03:58:03 GMT
cache-control: max-age=604800
etag: "47835cf6d0d8d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vVq9yHsHLE-n8kbCvj6VhX0ejqKpfBwp7skvWv5m3K_8EPmQHivqGg==
age: 465517
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Lato:wght@700&display=swap

216.58.211.10

200 OK

816 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
816 B (816 bytes)
Hash
fe5ec977d280010b9f06672593cde5af
54d288a4c504c79a6818886913516f8ef46c58be
06a577e67de295c85c3ae0aa2185b1beffd2d0b95291eb5e510ccdf44d0a4a5f

HTTP Headers

GET /css2?family=Lato:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 04:09:10 GMT
date: Thu, 22 Sep 2022 04:09:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 125929
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js

192.243.59.13

200 OK

17 kB

URL HTTP/1.1
pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (53723), with no line terminators
Size
17 kB (17161 bytes)
Hash
b38b7eb38801282afade2e35b197b3b8
67df3e63d0bf016e880dfd666ba06641eb8981ec
b36ed72cce572f5fe4bf3a5a21425ef2ebbea2e44fb417bbf79ffba71e733e75

HTTP Headers

GET /a1/38/54/a1385457843ed7b58df9deca74af31e9.js HTTP/1.1
Host: pl16023739.revenuenetworkcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Sep 2022 04:09:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb8a2f5f35f9874367439f300fea0304
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

anotepad.com/note/loadcomment

207.244.104.157

200 OK

360 B

URL HTTP/1.1
anotepad.com/note/loadcomment
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
ASCII text, with CRLF line terminators
Size
360 B (360 bytes)
Hash
69e62c5f90ce8a3578aae9ea26cb5221
d53f0f16cc1878e6065ef412c63df58e39d47b3a
f185010745652a05abd30200b26d0203cd9b2604646f7f585f9977fcdd214402

HTTP Headers

POST /note/loadcomment HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/notes/83nk9j2y
Cookie: _ga_6PG3MM86KX=GS1.1.1663819750.1.0.1663819750.0.0.0; _ga=GA1.1.1178988000.1663819750
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Thu, 22 Sep 2022 04:09:13 GMT
Content-Length: 360

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b2494aa6483ac8a65bf0e6bcb2d8c554
894888054ce1647c8ae1f2afefe4faeecebaa95d
63a85091d4a67a58e301d159e3c330d37264929824c1de55d6af76f308093013

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "63A85091D4A67A58E301D159E3C330D37264929824C1DE55D6AF76F308093013"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12186
Expires: Thu, 22 Sep 2022 07:32:17 GMT
Date: Thu, 22 Sep 2022 04:09:11 GMT
Connection: keep-alive

region1.google-analytics.com/g/collect?v=2&tid=G-6PG3MM86KX&gtm=2oe9j0&_p=955416395&cid=1178988000.1663819750&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663819750&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F83nk9j2y&dt=Ways%20to%20Add%20Beauty%20and%20Functionality%20to%20Home%20with%20Fitter%20Glass%20Shades%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-6PG3MM86KX&gtm=2oe9j0&_p=955416395&cid=1178988000.1663819750&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663819750&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F83nk9j2y&dt=Ways%20to%20Add%20Beauty%20and%20Functionality%20to%20Home%20with%20Fitter%20Glass%20Shades%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-6PG3MM86KX&gtm=2oe9j0&_p=955416395&cid=1178988000.1663819750&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663819750&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F83nk9j2y&dt=Ways%20to%20Add%20Beauty%20and%20Functionality%20to%20Home%20with%20Fitter%20Glass%20Shades%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://anotepad.com
date: Thu, 22 Sep 2022 04:09:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b2494aa6483ac8a65bf0e6bcb2d8c554
894888054ce1647c8ae1f2afefe4faeecebaa95d
63a85091d4a67a58e301d159e3c330d37264929824c1de55d6af76f308093013

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "63A85091D4A67A58E301D159E3C330D37264929824C1DE55D6AF76F308093013"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12186
Expires: Thu, 22 Sep 2022 07:32:17 GMT
Date: Thu, 22 Sep 2022 04:09:11 GMT
Connection: keep-alive

www.destinationlighting.com/images/products_zoom/175/P695175~zoom.jpg

147.135.60.20

200 OK

88 kB

URL HTTP/1.1
www.destinationlighting.com/images/products_zoom/175/P695175~zoom.jpg
IP
147.135.60.20:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1000x1000, components 3\012- data
Size
88 kB (88339 bytes)
Hash
abf47dc38488d7a3276f311ddfd39a26
6db405f32fb20710cda3501f478f570a12f78d12
07472ebb34381cd310c16a8477aba1bd2709aae12858d8dc22ce7a592db5876d

HTTP Headers

GET /images/products_zoom/175/P695175~zoom.jpg HTTP/1.1
Host: www.destinationlighting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:09:11 GMT
Server: Apache
Last-Modified: Wed, 11 Jul 2012 23:37:29 GMT
Accept-Ranges: bytes
Content-Length: 88339
Cache-Control: max-age=604800
Expires: Thu, 29 Sep 2022 04:09:11 GMT
X-Frame-Options: sameorigin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eec52ba77099578fe886b6bf13206678
ba500db4ec07ee84a6d93155776463ade3b341bd
e620b2115c6c3ac305db8e7fea38c298dd67d7506cf72b1ca9ad0b1530de62aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E620B2115C6C3AC305DB8E7FEA38C298DD67D7506CF72B1CA9AD0B1530DE62AA"
Last-Modified: Wed, 21 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9193
Expires: Thu, 22 Sep 2022 06:42:24 GMT
Date: Thu, 22 Sep 2022 04:09:11 GMT
Connection: keep-alive

s7.addthis.com/js/300/addthis_widget.js

23.38.200.123

200 OK

116 kB

URL HTTP/2
s7.addthis.com/js/300/addthis_widget.js
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (54602)
Size
116 kB (116360 bytes)
Hash
b87cd33d44e99d7bb4fa59f97915a154
429b6461bab5189d6987d39713c3405223c461b8
9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2

HTTP Headers

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116360
date: Thu, 22 Sep 2022 04:09:11 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 22 Sep 2022 02:41:10 GMT
expires: Thu, 22 Sep 2022 04:41:10 GMT
cache-control: public, max-age=7200
age: 5281
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

z.moatads.com/addthismoatframe568911941483/moatframe.js

23.38.201.146

200 OK

948 B

URL HTTP/2
z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
23.38.201.146:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (523)
Size
948 B (948 bytes)
Hash
f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac

HTTP Headers

GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=30870
date: Thu, 22 Sep 2022 04:09:11 GMT
X-Firefox-Spdy: h2

quarrelaimless.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js

192.243.61.225

200 OK

13 kB

URL HTTP/1.1
quarrelaimless.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37113), with no line terminators
Size
13 kB (13401 bytes)
Hash
bc7e10b3e6baf7b7ccf07d3750854490
18f2eed8d08fc12d2724cb693c251261f8f57854
2ac0e1320a4c6e8ff97a3ef1cd22225c8ecba5ac640ed9ef68b9faea0952d0d0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js HTTP/1.1
Host: quarrelaimless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 04:09:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5043a4db39d05de87c85bd9ab21d429a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&gjid=1392346247&_gid=213111274.1663819751&_u=YADAAEAAAAAAAC~&z=1741234394

142.251.1.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&gjid=1392346247&_gid=213111274.1663819751&_u=YADAAEAAAAAAAC~&z=1741234394
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&gjid=1392346247&_gid=213111274.1663819751&_u=YADAAEAAAAAAAC~&z=1741234394 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://anotepad.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 04:09:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5be5f96cdc159a82d25fd190b830cb49
9d801b69b3806fc114246cef063df0d1bfed05a2
7ed655f34f2ae711e0f7e980edf5cc0d51873782cd9dd84b8097b3f5dc04992f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:11 GMT
Last-Modified: Thu, 22 Sep 2022 03:10:40 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6795
Expires: Thu, 22 Sep 2022 06:02:26 GMT
Date: Thu, 22 Sep 2022 04:09:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6795
Expires: Thu, 22 Sep 2022 06:02:26 GMT
Date: Thu, 22 Sep 2022 04:09:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6795
Expires: Thu, 22 Sep 2022 06:02:26 GMT
Date: Thu, 22 Sep 2022 04:09:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6795
Expires: Thu, 22 Sep 2022 06:02:26 GMT
Date: Thu, 22 Sep 2022 04:09:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8549 bytes)
Hash
62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 22852
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5650 bytes)
Hash
a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 22844
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17a25218-4228-4cd1-8d35-a4a3f83296c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8449 bytes)
Hash
233816c447da50c62180800f65f5fe2f
78db85f54d3e4030f620f259f173ddb1438948fa
94cbbb0fe3d4edab6d96af2f4857eb1ad018a0e8c21fd8bbeacc4a383e99d859

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17a25218-4228-4cd1-8d35-a4a3f83296c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8449
x-amzn-requestid: 5b83b63b-07cc-459d-a31e-25dce2e250ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG34H01oAMF73g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab832-03dc7ef72e1ef72f371716a9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I_Ohu8tmnISFj4rsHgGXPk_dw1nkeHsmP0hPMxeDlD3kFuVGCoE1qA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:37:07 GMT
age: 73924
etag: "78db85f54d3e4030f620f259f173ddb1438948fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8861 bytes)
Hash
a504981ee10d8341b64f19001464ae8a
56f228d7358ba9deef000f53214dc7c1dc358109
0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E3CxTY9UbUKfKS16_Os-lp6w8b_bIIbWqcIzaGOOc0iwrSOzj6NNqQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 03:25:37 GMT
age: 2614
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3372 bytes)
Hash
37687ec8382ef481897d1e65bf14010a
6ce495268093b256875ec1c4d6a05fc1f3d25446
24cc6f8715bb5b0b8a27a3f40831f9fed6cc4c5a882622633e1865dca6e50531

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3372
x-amzn-requestid: 10d24c22-0b3d-402b-9a10-6cbfc9a699a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG5QHJRoAMFaPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab83b-37ba740c7eba56b30e2ea528;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:39 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VM9vtBQFJEEX58Q_SYVC7L18jDp-kxDCIk1QMjyaaLc6DNUSJ9uivg==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:08:36 GMT
age: 75635
etag: "6ce495268093b256875ec1c4d6a05fc1f3d25446"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9233 bytes)
Hash
ce3e9d330cc9b9c84fb7846bf0d8c7a0
134720f07ffdbef5ff551bdb3c3743c806d1512d
0724f7ca2de62c8086e80b527aec78de6b63996107b32c7e9990bd472e64a347

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:21:48 GMT
age: 20843
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c767348aba50f30dd4d55b0289ab5d85
13869c6315f9cdae425826677371047d72297330
da8b028216a09f3d8197f55dc4a5727187fa81f63dcffaabdc948302f7bd6d0d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:09:11 GMT
Last-Modified: Thu, 22 Sep 2022 02:55:31 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tcycJ6L47T_HR2TnuMs2uPAtJQWn5VsNxAgo8_xAz9MrsTPRfBhQMg==
Age: 4420

simplewebanalysis.com/stats

3.64.106.196

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.64.106.196:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
4ccef192f2b1fe0677860d62588cb692
fd272525d05905a0a95eb2d0a3fab9dc1e067348
aebfc96f0b2b297f0a2b8a7df35202582a40e83b375e3d842ea96223571746f4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
set-cookie: uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; expires=Sun, 19 Sep 2032 04:09:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5be5f96cdc159a82d25fd190b830cb49
9d801b69b3806fc114246cef063df0d1bfed05a2
7ed655f34f2ae711e0f7e980edf5cc0d51873782cd9dd84b8097b3f5dc04992f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:12 GMT
Last-Modified: Thu, 22 Sep 2022 03:10:40 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&_u=YADAAEAAAAAAAC~&z=1339459503

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&_u=YADAAEAAAAAAAC~&z=1339459503
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&_u=YADAAEAAAAAAAC~&z=1339459503 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 04:09:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&_u=YADAAEAAAAAAAC~&z=1339459503

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&_u=YADAAEAAAAAAAC~&z=1339459503
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-8870545-1&cid=1178988000.1663819750&jid=1912840707&_u=YADAAEAAAAAAAC~&z=1339459503 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 04:09:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

23.38.200.123

200 OK

26 kB

URL HTTP/2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size
26 kB (26421 bytes)
Hash
707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051

HTTP Headers

GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 22 Sep 2022 04:09:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:09:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp

23.38.200.123

200 OK

154 B

URL HTTP/2
v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0

HTTP Headers

GET /live/boost/ra-56846750fb16a611/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=31, s-maxage=86400
date: Thu, 22 Sep 2022 04:09:12 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

m.addthis.com/live/red_lojson/300lo.json?si=632bdfe71a6db9c1&bkl=0&bl=1&pdt=852&sid=632bdfe71a6db9c1&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F83nk9j2y&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663819751914&jsl=1&uvs=632bdfe70a063224000&skipb=1&callback=addthis.cbs.jsonp__176288228165508820

23.38.200.123

200 OK

90 B

URL HTTP/2
m.addthis.com/live/red_lojson/300lo.json?si=632bdfe71a6db9c1&bkl=0&bl=1&pdt=852&sid=632bdfe71a6db9c1&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F83nk9j2y&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663819751914&jsl=1&uvs=632bdfe70a063224000&skipb=1&callback=addthis.cbs.jsonp__176288228165508820
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
3d157be773f775ec5282f5f7139aa2cb
aa1a3294fbba8c65d4a4ee18cfb09b5cb00d80ab
3349cbc7a5bcce19070f17f285ad25d263b50dca87c6a6f582b5c5ada290cf8d

HTTP Headers

GET /live/red_lojson/300lo.json?si=632bdfe71a6db9c1&bkl=0&bl=1&pdt=852&sid=632bdfe71a6db9c1&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F83nk9j2y&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1663819751914&jsl=1&uvs=632bdfe70a063224000&skipb=1&callback=addthis.cbs.jsonp__176288228165508820 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 22 Sep 2022 04:09:12 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
32a56657ee87189d84e36aa919cd2469
c93ce15e966956dbaa7ed6dae6b56c2745114833
2134db13c1af8c05396990aa5c37b0f5d8e9e3561f70cea5540cd6900f2c468f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2134DB13C1AF8C05396990AA5C37B0F5D8E9E3561F70CEA5540CD6900F2C468F"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5936
Expires: Thu, 22 Sep 2022 05:48:08 GMT
Date: Thu, 22 Sep 2022 04:09:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
32a56657ee87189d84e36aa919cd2469
c93ce15e966956dbaa7ed6dae6b56c2745114833
2134db13c1af8c05396990aa5c37b0f5d8e9e3561f70cea5540cd6900f2c468f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2134DB13C1AF8C05396990AA5C37B0F5D8E9E3561F70CEA5540CD6900F2C468F"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5936
Expires: Thu, 22 Sep 2022 05:48:08 GMT
Date: Thu, 22 Sep 2022 04:09:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab42ebd713ba2af2a05c3e7c491bd38
042be0dd73f35b9d6bfb6c7833049ac12c561a39
8ba89053c321bc905e63e9f9364fbbce265bdfa31594978ce078d7d9e3f0b3ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BA89053C321BC905E63E9F9364FBBCE265BDFA31594978CE078D7D9E3F0B3EF"
Last-Modified: Mon, 19 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7487
Expires: Thu, 22 Sep 2022 06:13:59 GMT
Date: Thu, 22 Sep 2022 04:09:12 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=902f640e-938c-4b4d-bac2-20552cfa8699&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=902f640e-938c-4b4d-bac2-20552cfa8699&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=902f640e-938c-4b4d-bac2-20552cfa8699&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Sep 2022 04:09:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f099b198c1eb947b7900e464b4c5f996
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=902f640e-938c-4b4d-bac2-20552cfa8699&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=902f640e-938c-4b4d-bac2-20552cfa8699&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=902f640e-938c-4b4d-bac2-20552cfa8699&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 22 Sep 2022 04:09:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4090f33b10a8a1991cc769fa84dc592
Strict-Transport-Security: max-age=0; includeSubdomains

varietiesplea.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=902f640e-938c-4b4d-bac2-20552cfa8699%3A2%3A1

173.233.137.36

200 OK

4.3 kB

URL HTTP/1.1
varietiesplea.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=902f640e-938c-4b4d-bac2-20552cfa8699%3A2%3A1
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6058), with no line terminators
Size
4.3 kB (4303 bytes)
Hash
616b93f806cc15c0bd41f417bbc2e125
2a00a7204b0aa80bc1d40078192056b1de4ddd94
fa8da3b7f38b98fe5d807aa309aca34b647897e0ac917b386920c2ba525fc50c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=902f640e-938c-4b4d-bac2-20552cfa8699%3A2%3A1 HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 04:09:13 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anotepad.com
Access-Control-Allow-Origin: https://anotepad.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15950569; expires=Fri, 23 Sep 2022 04:09:12 GMT; secure; SameSite=None
uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; expires=Thu, 29 Sep 2022 04:09:12 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 23 Sep 2022 04:09:13 GMT; secure; SameSite=None
uncs=1; expires=Fri, 23 Sep 2022 04:09:13 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 23 Sep 2022 04:09:13 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 23 Sep 2022 04:09:13 GMT; secure; SameSite=None
slecb37d2f9324506eb3d8dc9b0489d7878c=[3551994]; expires=Thu, 22 Sep 2022 04:09:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a3690294ea28e67d3682152a1e7f358
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

varietiesplea.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGq5OAiiclCAsqc%2FCgaCbdPTM90%2B4hGGOWYMwuu4repLqqZlKb6q6mqnt6MqfgguzBwwj%2BAZ1vkg1qXPQquMhkQdicMl7Mwcge9xzwIAgys8Hou7xX9X0FP756n%2B%2FmZ8RFTk9XPtB9qRRdbFTdyuufeN7VyrpM8l6l1wo%2BDepXK6b7dhhU3Tcq1wTb0ou%2B67mu53qVVWlEW%2FcWJyJkehh61dCt1v2q16ijZ%2F5%2FtrkDSx3w7hl5EZKP5x4685BshCT%2BfkXYrUynb70X54pm2qDLDz5KthJdJIgvx7Zx0E4OLtzQ9mT1AXSyP8WF7v5rjOSYOL88QJQcXEAi6u5NOSMFkSDiz6PojiDUCJKOwPQdSH5CAMaxcR1JfG9Dm4JuP1XpRB2TuT%2FPIYsxmft9Hkl8f1nJXuWWVnkmdWLRa5eQvRFkZ4Q0P0LWn4EsjsCyzyA5QRKXkPz0tdD120HdFQthrcUW6lGdL0SU%2BQu%2B22j4rE1bQRhOg5FyBNkeQYkBqJ1Bbh3k0kHedpCnDmJ%2BWmGe5zVdzqjbChmr8aaIAu56tNn2qOcGLeRswj5Alg7A1ADM7CA1O9iSA5j8Z9jNEpY7sBlBl5coBEFhCQpKUEiCIiMouuU%2BV9a35T2ubB55F92%2F6LVyqLPOLt3XWUckZDc9Iy9MAzuPnmBLnFaiWpP77bDm1xtuIKIab3EWRm69FfJmq9lisLKEtDOg1kFfjslLzx4ilWMy98xXiOgRrDoCkzOg%2BSugxbDpu6Cbw3rLRT85pInOREp5lekYXJdIszlk286uOiNXphyB%2FxcEO1569Pja%2Ffn%2BYzBTIjUlbsuHBB11d3hTF2Tvpi4s%2BeF6mslY9unkU29lNBOz37wvtgtt%2BNqKHXz9DpsIk%2FHwQ2GzdZpwmXQs%2BXZZci7MqjZMkJ%2FW7MciupHbzeXcJHm6fuPd1bU4NcJaqZMRqDyxX4DJMXmO6um2vnz7R0gzgslLxPkxuShIfQSW7sCml%2FRWz8KoS0%2BUOijycmj86PJSyTHxzx9BieOl7%2F7eyH674oNGJaz4z8PLedfeRce8CprdmS5q15ToqhJUDWDz2WGWmuOlX2vTQqScYaSMsxcpo758Gq%2BVp5VmrebSIGx4zSYVzajut9qBxyn164EfBLSGzI7Zm388%2BQcAAP%2F%2FAQAA%2F%2F%2FAUUrMfAQAAA%3D%3D

173.233.137.36

200 OK

7 B

URL HTTP/1.1
varietiesplea.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGq5OAiiclCAsqc%2FCgaCbdPTM90%2B4hGGOWYMwuu4repLqqZlKb6q6mqnt6MqfgguzBwwj%2BAZ1vkg1qXPQquMhkQdicMl7Mwcge9xzwIAgys8Hou7xX9X0FP756n%2B%2FmZ8RFTk9XPtB9qRRdbFTdyuufeN7VyrpM8l6l1wo%2BDepXK6b7dhhU3Tcq1wTb0ou%2B67mu53qVVWlEW%2FcWJyJkehh61dCt1v2q16ijZ%2F5%2FtrkDSx3w7hl5EZKP5x4685BshCT%2BfkXYrUynb70X54pm2qDLDz5KthJdJIgvx7Zx0E4OLtzQ9mT1AXSyP8WF7v5rjOSYOL88QJQcXEAi6u5NOSMFkSDiz6PojiDUCJKOwPQdSH5CAMaxcR1JfG9Dm4JuP1XpRB2TuT%2FPIYsxmft9Hkl8f1nJXuWWVnkmdWLRa5eQvRFkZ4Q0P0LWn4EsjsCyzyA5QRKXkPz0tdD120HdFQthrcUW6lGdL0SU%2BQu%2B22j4rE1bQRhOg5FyBNkeQYkBqJ1Bbh3k0kHedpCnDmJ%2BWmGe5zVdzqjbChmr8aaIAu56tNn2qOcGLeRswj5Alg7A1ADM7CA1O9iSA5j8Z9jNEpY7sBlBl5coBEFhCQpKUEiCIiMouuU%2BV9a35T2ubB55F92%2F6LVyqLPOLt3XWUckZDc9Iy9MAzuPnmBLnFaiWpP77bDm1xtuIKIab3EWRm69FfJmq9lisLKEtDOg1kFfjslLzx4ilWMy98xXiOgRrDoCkzOg%2BSugxbDpu6Cbw3rLRT85pInOREp5lekYXJdIszlk286uOiNXphyB%2FxcEO1569Pja%2Ffn%2BYzBTIjUlbsuHBB11d3hTF2Tvpi4s%2BeF6mslY9unkU29lNBOz37wvtgtt%2BNqKHXz9DpsIk%2FHwQ2GzdZpwmXQs%2BXZZci7MqjZMkJ%2FW7MciupHbzeXcJHm6fuPd1bU4NcJaqZMRqDyxX4DJMXmO6um2vnz7R0gzgslLxPkxuShIfQSW7sCml%2FRWz8KoS0%2BUOijycmj86PJSyTHxzx9BieOl7%2F7eyH674oNGJaz4z8PLedfeRce8CprdmS5q15ToqhJUDWDz2WGWmuOlX2vTQqScYaSMsxcpo758Gq%2BVp5VmrebSIGx4zSYVzajut9qBxyn164EfBLSGzI7Zm388%2BQcAAP%2F%2FAQAA%2F%2F%2FAUUrMfAQAAA%3D%3D
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGq5OAiiclCAsqc%2FCgaCbdPTM90%2B4hGGOWYMwuu4repLqqZlKb6q6mqnt6MqfgguzBwwj%2BAZ1vkg1qXPQquMhkQdicMl7Mwcge9xzwIAgys8Hou7xX9X0FP756n%2B%2FmZ8RFTk9XPtB9qRRdbFTdyuufeN7VyrpM8l6l1wo%2BDepXK6b7dhhU3Tcq1wTb0ou%2B67mu53qVVWlEW%2FcWJyJkehh61dCt1v2q16ijZ%2F5%2FtrkDSx3w7hl5EZKP5x4685BshCT%2BfkXYrUynb70X54pm2qDLDz5KthJdJIgvx7Zx0E4OLtzQ9mT1AXSyP8WF7v5rjOSYOL88QJQcXEAi6u5NOSMFkSDiz6PojiDUCJKOwPQdSH5CAMaxcR1JfG9Dm4JuP1XpRB2TuT%2FPIYsxmft9Hkl8f1nJXuWWVnkmdWLRa5eQvRFkZ4Q0P0LWn4EsjsCyzyA5QRKXkPz0tdD120HdFQthrcUW6lGdL0SU%2BQu%2B22j4rE1bQRhOg5FyBNkeQYkBqJ1Bbh3k0kHedpCnDmJ%2BWmGe5zVdzqjbChmr8aaIAu56tNn2qOcGLeRswj5Alg7A1ADM7CA1O9iSA5j8Z9jNEpY7sBlBl5coBEFhCQpKUEiCIiMouuU%2BV9a35T2ubB55F92%2F6LVyqLPOLt3XWUckZDc9Iy9MAzuPnmBLnFaiWpP77bDm1xtuIKIab3EWRm69FfJmq9lisLKEtDOg1kFfjslLzx4ilWMy98xXiOgRrDoCkzOg%2BSugxbDpu6Cbw3rLRT85pInOREp5lekYXJdIszlk286uOiNXphyB%2FxcEO1569Pja%2Ffn%2BYzBTIjUlbsuHBB11d3hTF2Tvpi4s%2BeF6mslY9unkU29lNBOz37wvtgtt%2BNqKHXz9DpsIk%2FHwQ2GzdZpwmXQs%2BXZZci7MqjZMkJ%2FW7MciupHbzeXcJHm6fuPd1bU4NcJaqZMRqDyxX4DJMXmO6um2vnz7R0gzgslLxPkxuShIfQSW7sCml%2FRWz8KoS0%2BUOijycmj86PJSyTHxzx9BieOl7%2F7eyH674oNGJaz4z8PLedfeRce8CprdmS5q15ToqhJUDWDz2WGWmuOlX2vTQqScYaSMsxcpo758Gq%2BVp5VmrebSIGx4zSYVzajut9qBxyn164EfBLSGzI7Zm388%2BQcAAP%2F%2FAQAA%2F%2F%2FAUUrMfAQAAA%3D%3D HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 04:09:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 721d5d19e989f57ce8ee04f9336ba793
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e1105390425f83fdb65ce7eb6b827b3
011ad268920717a499b7db9981139547d1d533a9
d838baec01ed3cd9b92c8e8f140504e61ddb531f77b7bec11784853085303637

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D838BAEC01ED3CD9B92C8E8F140504E61DDB531F77B7BEC11784853085303637"
Last-Modified: Tue, 20 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9117
Expires: Thu, 22 Sep 2022 06:41:10 GMT
Date: Thu, 22 Sep 2022 04:09:13 GMT
Connection: keep-alive

creepingbrings.com/sfp.js

172.64.105.16

200 OK

23 kB

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.105.16:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
23 kB (23429 bytes)
Hash
a1894d1a592390ef9251c692e6cc5a3c
41cc23f15da5d48069883dea4ece23e8bb507b12
16e6fe885e733cac42208f6ee0558ced891cbc8cd2fb224d7948375112cbcd3c

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 18788e940e4810bd8d8652520ad05f5a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 22 Sep 2022 04:09:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS1F05VVcmWWLbViu4sd4QiGtr319sxU%2BFZLZTwaxpIYJRoMKCRBs2ox4hdwDxBljlkE1ayuBGeH0FyxZglPCPvqVbrfFtCTUCANyED%2FoDotC%2B0ZUGjqphHx5Q7rLDwWY7FESo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e82f096ed47686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

a.pub.network/core/pubfig/cls.css

172.67.68.60

200 OK

741 B

URL HTTP/2
a.pub.network/core/pubfig/cls.css
IP
172.67.68.60:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
741 B (741 bytes)
Hash
ae6cd1393e7bfeda7ef920d9eb3a124a
db71b0e2dbf341cb1179fc8d326dc9a50bec3f77
e7c138e9b4f76e1474472ebc7e308b05919ed887962da28274c24ee5093a2754

HTTP Headers

GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:10 GMT
content-type: text/css
x-guploader-uploadid: ADPycds9yJ03ArmY55TGoSDdqjwabOoXbxfFDPzoeQ8dwiq59sTILRNtuC3TBOYB0aN9AF1ADq_3131dES6yKyarCKbM1A
x-goog-generation: 1620765108454625
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1752
x-goog-hash: crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 22 Sep 2022 05:09:10 GMT
cache-control: public, max-age=3600
last-modified: Tue, 11 May 2021 20:31:48 GMT
etag: W/"2ad42c99ece77b46e5a42a85207a3750"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4%2BOCTMftHLYBcqUHmKbk9wfniK43MOhr5pPPnAKgxPLBa%2BeUYi%2FZVsw8yYBXFytS%2FMlntkJZZJrS1n1Ig%2BSvU5UhKmPFsUU0UhACIeC4aH2WPHInA1Ae9pAwvY9Ffc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e82f021d58b527-OSL
content-encoding: br
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b7a556e012ef2ad5033d6828be41a6fe
81082e4d3b89c3bd71d4acc17d4717bc15f1383c
5f18e2035118b6323cc8d9000dc10ea05ec18df8b1d62dfcaf283c79ed0f410b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5583
Expires: Thu, 22 Sep 2022 05:42:16 GMT
Date: Thu, 22 Sep 2022 04:09:13 GMT
Connection: keep-alive

varietiesplea.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=339

173.233.137.36

200 OK

0 B

URL HTTP/1.1
varietiesplea.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=339
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=339 HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 04:09:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b7a556e012ef2ad5033d6828be41a6fe
81082e4d3b89c3bd71d4acc17d4717bc15f1383c
5f18e2035118b6323cc8d9000dc10ea05ec18df8b1d62dfcaf283c79ed0f410b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5F18E2035118B6323CC8D9000DC10EA05EC18DF8B1D62DFCAF283C79ED0F410B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5583
Expires: Thu, 22 Sep 2022 05:42:16 GMT
Date: Thu, 22 Sep 2022 04:09:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
278111c3c7bd20522fd84097d44186e3
d0748bb5754c07e168a734b7a198ea2cbbd8197b
4d8a7cd202a14451e01acbf38d7e91ff3d55a560604c94c5fe3183365af874eb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D8A7CD202A14451E01ACBF38D7E91FF3D55A560604C94C5FE3183365AF874EB"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9450
Expires: Thu, 22 Sep 2022 06:46:43 GMT
Date: Thu, 22 Sep 2022 04:09:13 GMT
Connection: keep-alive

varietiesplea.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=102

173.233.137.36

200 OK

0 B

URL HTTP/1.1
varietiesplea.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=102
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=102 HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 04:09:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.cloudimagesb.com/si/a5/38/82/a538823dc3936f2d56da6943c137a79d/1658144826.jpg

45.133.44.9

200 OK

17 kB

URL HTTP/2
cdn.cloudimagesb.com/si/a5/38/82/a538823dc3936f2d56da6943c137a79d/1658144826.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
17 kB (16913 bytes)
Hash
11e8fa77a29b9c78b6a9b759abff4667
b67f409f364c567805e7fcd0d9f14fe882cf0592
27e7345cc77747f44f5acbc02bf5afbebb0d831a4e4f06a171d7876382ffd049

HTTP Headers

GET /si/a5/38/82/a538823dc3936f2d56da6943c137a79d/1658144826.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:13 GMT
content-type: image/jpeg
content-length: 16913
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:47:14 GMT
etag: "62d54842-4211"
expires: Sat, 24 Sep 2022 04:09:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js

172.64.201.2

200 OK

210 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
210 B (210 bytes)
Hash
14c6a15c2c7729c885b33c990f37d2a5
865d9621a3a4c2b446ec535471412bf491a1e60e
bd7b0405bc197d2564e68c4366fdbfc06c0711a10231877d33c8c6cdd05fe7f0

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:13 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 246567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEryCdXy9CKq8eJwuaxwJXiv%2B1m7pwQKdN2tdJBUy%2B8cttMsEWfU%2Fpn5MM8kihMt9XOYgVaMAJ6XyMvmrWIKqUh%2BXnTeTtcpdAY7FAJgEA%2FElra1Xi6Y3eoLKY%2FO%2BnYaP0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e82f147f36d16c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

varietiesplea.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=109

173.233.137.36

200 OK

0 B

URL HTTP/1.1
varietiesplea.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=109
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fstyle.css&l=6334&fd=109 HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 04:09:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 30906
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 30906
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

varietiesplea.com/pixel/sbs?c=1

173.233.137.36

200 OK

0 B

URL HTTP/1.1
varietiesplea.com/pixel/sbs?c=1
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 04:09:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

varietiesplea.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRTFXyUBFVdKEAZUeuFC0XSqqr%2BdRTDGDMGYGWYU3cn7qs6bvK5XvFfV1elVcEBm4aIF%2F4DK6WSCGgfdCg7SGRAmq7QbszAyy1kHXAiCdE8wejf3Vp3z4Me59%2FPd7Iz4yOjpygemr7Smi7WyX3r9kyC4WlpXcdYr9Zr1T%2BvVqyXbfbtVL%2FtvlK5JvmUWQz%2Fw%2FcAPSqvKysj0FiciVHLYCsotv1wNy0Gtip79%2F7fLPDjqQXTPyItQYjz30JuH4iPEne9XpNtKTfLWe51M09RYdMXBR%2FFWbPIYncsxsh6i%2BODCDeNOVh%2FAxPtTXJjuv0amxsT75QFYfHABCdbdm3IyDRmDieeRd0eQegRFR%2BDmDpQ4IQAX2LiOuHNvw9icbj9V6UQdk7k%2Fz6HyMZn7fR5x5%2F6yVr3SLaOzVJnYoRcVUL0RVHuEJDtC2p%2BByo%2FA08%2BgBEHcKaDE6WstP4zqVV8utCpNvlBlVbHAKA8XQr9WC3lEm%2FVWaxqMUiOoaAQtB6BuBpnzkCkPWeQhSzx0xGmJB0HQ8AWnfrPFeUU0JKsLP6CNKKCBX28i4xP2AdJkAK4H4HYHid3BlhrAZj%2FDbRZwwoNLCbqiQC4JckeQU4JcEeQpQd4t9oV2oSvuCe0yFlz08KJXiqFJ27t036RtGZPd5Iy8MA3snD3BljwtsUpDhFGrElZrfl2yimgK3mJ%2BtdkSjWajyeFUAeVmQJ2HvhqTl549RKLGZO6Zr8DoEZw%2BAlczoNkroPmwEfqgm8Nq00c%2FPqSxSWVCRZmbDoQpkKRzSLe9XX1Grkw56uFfkPx46dHja%2Ffn%2B4%2FBbYHEFritHhK09d3hTZOTvZsmd%2BSH60mqOqpPJ0u9ldJUzn7zvtzOjRVrK27w9Tt8IkzGww%2BlS9dpLFTcduTbZSWEtKvGckl%2BWnMfS3Yjc5vLmY2zZP3Gu6trncRK55SJR6DqxH0BrsbkOWqm1%2Fry7R%2Bh7Ag2K9DJjslFQZkj8GQHLrmkd2YWVl96WOIhz4qhDdnlT63GJDx%2FBC2Pl777eyP97UoIygo4%2BZ%2BHl%2FOuu4u2fRU0vTM91K4t0NUFqB7AZbPDNLHHS79WpgWmvSHT1ttj2uovn8br1Gmp4osGk5FsMFmtVSPJBavVmM8jPll5kyN1Y%2F7mH0%2F%2BAQAA%2F%2F8BAAD%2F%2F0CFnyR8BAAA

173.233.137.36

200 OK

7 B

URL HTTP/1.1
varietiesplea.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRTFXyUBFVdKEAZUeuFC0XSqqr%2BdRTDGDMGYGWYU3cn7qs6bvK5XvFfV1elVcEBm4aIF%2F4DK6WSCGgfdCg7SGRAmq7QbszAyy1kHXAiCdE8wejf3Vp3z4Me59%2FPd7Iz4yOjpygemr7Smi7WyX3r9kyC4WlpXcdYr9Zr1T%2BvVqyXbfbtVL%2FtvlK5JvmUWQz%2Fw%2FcAPSqvKysj0FiciVHLYCsotv1wNy0Gtip79%2F7fLPDjqQXTPyItQYjz30JuH4iPEne9XpNtKTfLWe51M09RYdMXBR%2FFWbPIYncsxsh6i%2BODCDeNOVh%2FAxPtTXJjuv0amxsT75QFYfHABCdbdm3IyDRmDieeRd0eQegRFR%2BDmDpQ4IQAX2LiOuHNvw9icbj9V6UQdk7k%2Fz6HyMZn7fR5x5%2F6yVr3SLaOzVJnYoRcVUL0RVHuEJDtC2p%2BByo%2FA08%2BgBEHcKaDE6WstP4zqVV8utCpNvlBlVbHAKA8XQr9WC3lEm%2FVWaxqMUiOoaAQtB6BuBpnzkCkPWeQhSzx0xGmJB0HQ8AWnfrPFeUU0JKsLP6CNKKCBX28i4xP2AdJkAK4H4HYHid3BlhrAZj%2FDbRZwwoNLCbqiQC4JckeQU4JcEeQpQd4t9oV2oSvuCe0yFlz08KJXiqFJ27t036RtGZPd5Iy8MA3snD3BljwtsUpDhFGrElZrfl2yimgK3mJ%2BtdkSjWajyeFUAeVmQJ2HvhqTl549RKLGZO6Zr8DoEZw%2BAlczoNkroPmwEfqgm8Nq00c%2FPqSxSWVCRZmbDoQpkKRzSLe9XX1Grkw56uFfkPx46dHja%2Ffn%2B4%2FBbYHEFritHhK09d3hTZOTvZsmd%2BSH60mqOqpPJ0u9ldJUzn7zvtzOjRVrK27w9Tt8IkzGww%2BlS9dpLFTcduTbZSWEtKvGckl%2BWnMfS3Yjc5vLmY2zZP3Gu6trncRK55SJR6DqxH0BrsbkOWqm1%2Fry7R%2Bh7Ag2K9DJjslFQZkj8GQHLrmkd2YWVl96WOIhz4qhDdnlT63GJDx%2FBC2Pl777eyP97UoIygo4%2BZ%2BHl%2FOuu4u2fRU0vTM91K4t0NUFqB7AZbPDNLHHS79WpgWmvSHT1ttj2uovn8br1Gmp4osGk5FsMFmtVSPJBavVmM8jPll5kyN1Y%2F7mH0%2F%2BAQAA%2F%2F8BAAD%2F%2F0CFnyR8BAAA
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskVRTFXyUBFVdKEAZUeuFC0XSqqr%2BdRTDGDMGYGWYU3cn7qs6bvK5XvFfV1elVcEBm4aIF%2F4DK6WSCGgfdCg7SGRAmq7QbszAyy1kHXAiCdE8wejf3Vp3z4Me59%2FPd7Iz4yOjpygemr7Smi7WyX3r9kyC4WlpXcdYr9Zr1T%2BvVqyXbfbtVL%2FtvlK5JvmUWQz%2Fw%2FcAPSqvKysj0FiciVHLYCsotv1wNy0Gtip79%2F7fLPDjqQXTPyItQYjz30JuH4iPEne9XpNtKTfLWe51M09RYdMXBR%2FFWbPIYncsxsh6i%2BODCDeNOVh%2FAxPtTXJjuv0amxsT75QFYfHABCdbdm3IyDRmDieeRd0eQegRFR%2BDmDpQ4IQAX2LiOuHNvw9icbj9V6UQdk7k%2Fz6HyMZn7fR5x5%2F6yVr3SLaOzVJnYoRcVUL0RVHuEJDtC2p%2BByo%2FA08%2BgBEHcKaDE6WstP4zqVV8utCpNvlBlVbHAKA8XQr9WC3lEm%2FVWaxqMUiOoaAQtB6BuBpnzkCkPWeQhSzx0xGmJB0HQ8AWnfrPFeUU0JKsLP6CNKKCBX28i4xP2AdJkAK4H4HYHid3BlhrAZj%2FDbRZwwoNLCbqiQC4JckeQU4JcEeQpQd4t9oV2oSvuCe0yFlz08KJXiqFJ27t036RtGZPd5Iy8MA3snD3BljwtsUpDhFGrElZrfl2yimgK3mJ%2BtdkSjWajyeFUAeVmQJ2HvhqTl549RKLGZO6Zr8DoEZw%2BAlczoNkroPmwEfqgm8Nq00c%2FPqSxSWVCRZmbDoQpkKRzSLe9XX1Grkw56uFfkPx46dHja%2Ffn%2B4%2FBbYHEFritHhK09d3hTZOTvZsmd%2BSH60mqOqpPJ0u9ldJUzn7zvtzOjRVrK27w9Tt8IkzGww%2BlS9dpLFTcduTbZSWEtKvGckl%2BWnMfS3Yjc5vLmY2zZP3Gu6trncRK55SJR6DqxH0BrsbkOWqm1%2Fry7R%2Bh7Ag2K9DJjslFQZkj8GQHLrmkd2YWVl96WOIhz4qhDdnlT63GJDx%2FBC2Pl777eyP97UoIygo4%2BZ%2BHl%2FOuu4u2fRU0vTM91K4t0NUFqB7AZbPDNLHHS79WpgWmvSHT1ttj2uovn8br1Gmp4osGk5FsMFmtVSPJBavVmM8jPll5kyN1Y%2F7mH0%2F%2BAQAA%2F%2F8BAAD%2F%2F0CFnyR8BAAA HTTP/1.1
Host: varietiesplea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=902f640e-938c-4b4d-bac2-20552cfa8699:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3551994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 04:09:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 226ed125a592a2c5a5f1d7446f1d413b
Strict-Transport-Security: max-age=0; includeSubdomains

addresseepaper.com/sfp.js

172.64.193.5

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.193.5:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:11 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3cf9b7b9c5b9d45089bfb7321ebff682
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 22 Sep 2022 04:09:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxbBWFSKnNuBBAkODmCTik%2BRq2vcWzqVfx5mmiM324CYFJIYwVuAfElw0faWUod3zCEBzbnxw4msJ%2B3Ya4sZQsL1XJd5%2BLVpCT37OW2mXvyKJtr6aOPkiC9%2BNWy7m7b3P9W7e8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e82f049a1372f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html

45.133.44.3

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:13 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 22 Sep 2022 05:09:13 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1

143.204.55.18

200 OK

0 B

URL HTTP/2
cdn.anotepad.com/bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/site-css?v=A7BcNioZ7gHnb7Yxnif3W0WdBTQKnRFddLcogYeCxew1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
cache-control: public
expires: Thu, 14 Sep 2023 06:10:50 GMT
last-modified: Wed, 14 Sep 2022 06:10:50 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 14 Sep 2022 06:10:49 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PeAvEMwjU9F_nPbBOONDVOa43_A8arzxSEfnbzeuQTYPqVHB2Z84HA==
age: 683903
X-Firefox-Spdy: h2

cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1

143.204.55.18

200 OK

0 B

URL HTTP/2
cdn.anotepad.com/bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/site-js?v=4JJ_WrZ4oNYh261zftqULRw8l8nIXYjyZV-KxGfEAxE1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Thu, 14 Sep 2023 06:10:39 GMT
last-modified: Wed, 14 Sep 2022 06:10:39 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 14 Sep 2022 06:10:38 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Oem0amnOLSi4gAUmxA4ArhfoQW9gM7jE69zjz7n8qUDat_R4OHX4xw==
age: 683914
X-Firefox-Spdy: h2

cdn.anotepad.com/images/anotepad.svg

143.204.55.18

200 OK

0 B

URL HTTP/2
cdn.anotepad.com/images/anotepad.svg
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/anotepad.svg HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
cache-control: max-age=604800
last-modified: Sat, 13 Feb 2021 21:52:25 GMT
etag: W/"8fdbe283522d71:0"
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Thu, 15 Sep 2022 16:01:01 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AOU2mtvDZ4NCYecMklmjs4ur5xN7jpOOEioqRkRCmh5zijG7EFFgVg==
age: 562093
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css

172.64.201.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP
172.64.201.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:09:13 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 246567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42SpFb7S4xHDayU4NMfe2055iBCITrESwyggBb8AbTDRfTMPgTQxH3pl85qRpYMycZKhJmAeGR3dPq2cCtoKB8SQ7mzW1T67SGSDxN34dOz2GTxabtybbau6uU0HvSZ7HPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e82f147f48d16c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations