firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 06:06:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YknDBV9-smzxxExy64fzgf4-c0eVhIE6-F2ngz0RX1SODFj7wmtXIQ==
Age: 3166
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4266
Expires: Sat, 10 Sep 2022 08:10:18 GMT
Date: Sat, 10 Sep 2022 06:59:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Fri, 09 Sep 2022 07:17:12 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8bieSres35yjqDHlGVO1bPay_fQkW8t28HtlDEtcdOBqibSm4kPE5Q==
age: 85321
X-Firefox-Spdy: h2
anotepad.com/notes/668a5mii
207.244.104.157301 Moved Permanently 158 B URL HTTP/1.1 anotepad.com/notes/668a5mii
IP 207.244.104.157:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 5c7ce7453823c381d60f4b6ba4c719c7
b0d93f71855d4bf6ff5fe5040548d6e06d81d5e5
e966be3b4fa5b8f19a1c39531943560949c584455a0c4eb7df5b5e2b98b12008
GET /notes/668a5mii HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://anotepad.com/notes/668a5mii
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Sep 2022 06:59:12 GMT
Content-Length: 158
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:59:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 06:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 07:53:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IVZNAwrxPXXh9JwK6BuPxEp9syRodm4yuUrfH1z5lXR3iSSydLpDyw==
Age: 185
anotepad.com/notes/668a5mii
207.244.104.157200 OK 5.6 kB URL HTTP/1.1 anotepad.com/notes/668a5mii
IP 207.244.104.157:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2337), with CRLF line terminators
Hash b81177ecb51a96bd1e1ca930afbc4176
73b6c8163f33eceacacb1a1b010bb42611d6f901
4d4859119fb8ae05d3d60ab09ee7181574f524a7455ff27e909538f095104ddf
GET /notes/668a5mii HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Sep 2022 06:59:13 GMT
Content-Length: 5573
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6588
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Last-Modified: Sat, 10 Sep 2022 05:09:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
104.17.25.14200 OK 16 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65369)
Hash d3a47d1d66fc94ed3f89d9e77cd1a122
92b01371dd02a4157abb9cfdfb6c63b9c7a4eee9
3b1897163caeb1738a1bc8d6ec7db9b903b3fc21d91b586714e19fedd46a3d5d
GET /ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: text/css; charset=utf-8
content-length: 16120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1da71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 134379
expires: Thu, 31 Aug 2023 06:59:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWSlfzk4nO%2B%2FmLCQBeG3DyG9ZpQkzgjWWlTDqXMn5t4olNrPcKI4mPKFSE%2B9hYEAthj1l%2FFoIzQaRg3OCkNsAiJFfyJbhUb1jc3FGqC9nF18M0n%2BeIbdG16EsbmQD1mkOrLjGXSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748647983cdbb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
104.17.25.14200 OK 57 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32074)
Hash 8486da289409cd85cf8b6fd169c721c4
72d46568b1412639c71f218761c4e637773c4bfc
552f8314a7e6f840ab958f4a71ee38b747deb74634ea9797806f38c95b48c3ef
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8233602
expires: Thu, 31 Aug 2023 06:59:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efsmpuBqGYT1K44KlWEezLfBmmV%2Bxs0V7onNqm5MLmJgD5lLQrCWFpwU15rJOby3eWAnPoPQdPJcAp2RYOuQt58dluuFZJvUvt8MnSE7t4UnPLaYB%2FZ4oh8nKrLqmt%2FsyNBpUFG0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748647985cfbb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
104.17.25.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32077)
Hash 5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 137307
expires: Thu, 31 Aug 2023 06:59:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RVQmSJUc1XzbDh%2BoeZ8Mjv9IlEZOtLgieaY6%2Bg6PjOuuUhCSuSXmcUPpspV37fi96rrCF95L%2FrWA8CPbFkkWSurKtDkS5nQ3GsfS%2BQQazcGQ7oR70tZv8yoEA7RJ1U8y%2FRB%2BGtS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748647986d01b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f8d4710e8d9efc59480e7a5b754d7534
7dce3ecea113a5fb2391c5a632e1dfb5a0eb77ee
fbf214f8c3a82c07b128679f898006aba69a2e6e75bf261ab1ca28c86ac3b7f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBF214F8C3A82C07B128679F898006ABA69A2E6E75BF261AB1CA28C86AC3B7F7"
Last-Modified: Wed, 07 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2150
Expires: Sat, 10 Sep 2022 07:35:03 GMT
Date: Sat, 10 Sep 2022 06:59:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash bfe23233c965e4df9a73ad93600b5437
8789feddfe715bbfc15cbfe05aa805c7f76fbe63
57a8d65acc9749ed6c92505f8d51be19d4276616ca4812127289333e36fd1bbb
GET /gtm.js?id=GTM-NQC99C3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 06:59:13 GMT
expires: Sat, 10 Sep 2022 06:59:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1891f5b5d3486cc8608b3b431568569c
95558560c5dd9e1e2b6818d5ecab49cf4bf2979f
9bd42dd211b9d70b9cbcb28b3daebf8412296f3d3614629909c3aa265ff7aa5d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 06:59:13 GMT
Etag: "631b5d84-1d7"
Last-Modified: Sat, 10 Sep 2022 06:43:15 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pnjw3-gXPSY4815wGYHUJDSq4qBgcrWFZApHnYnZX8Thzlfg3CUWVg==
Age: 959
cdn.anotepad.com/images/badge_applestore.png
143.204.55.59200 OK 3.1 kB URL HTTP/2 cdn.anotepad.com/images/badge_applestore.png
IP 143.204.55.59:0
File type PNG image data, 239 x 80, 8-bit colormap, non-interlaced\012- data
Hash 4e97ce0a8ea4025ed15e9c19079ca4b6
948efc3776eb186349cf0cec535a82833c56cd6f
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0
GET /images/badge_applestore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3050
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Sun, 04 Sep 2022 05:47:55 GMT
etag: "82bdb9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: frSCtPx74T1RGQTnQZMOlInt_UuV9qI5oPvBNon8nXXELNukL-JhJA==
age: 522678
X-Firefox-Spdy: h2
cdn.anotepad.com/images/badge_playstore.png
143.204.55.59200 OK 3.7 kB URL HTTP/2 cdn.anotepad.com/images/badge_playstore.png
IP 143.204.55.59:0
File type PNG image data, 270 x 80, 8-bit colormap, non-interlaced\012- data
Hash d4ce4d823f6777f6c4997ad89d50d8fc
3c61260e346bb30109d29009fb90b0625cb1be60
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6
GET /images/badge_playstore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3709
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Fri, 09 Sep 2022 14:20:22 GMT
etag: "bf8eda9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V7avzmJFaFjjKcgSnNkYr7P4NF8rHZPKVWHiLrdgWv9Z6pr96aMpoA==
age: 59936
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.42.74.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4nxc9oYUUIZ415yPj34MHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5+MdmuXcycZsfs7PSjJTD7MUUIY=
cdn.anotepad.com/Images/icons/icon_language_light.png
143.204.55.59200 OK 2.8 kB URL HTTP/2 cdn.anotepad.com/Images/icons/icon_language_light.png
IP 143.204.55.59:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 41246beeea403683c91ce0c8f754bd8c
d89c21eb936491b8ba00b09fd9351813643961cd
84d8eb6af559cc3d679dcbbdc021f2bcd43b699edaf99c7443b0e30c1e65e205
GET /Images/icons/icon_language_light.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2752
last-modified: Thu, 16 Dec 2021 08:59:54 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Sun, 04 Sep 2022 20:09:59 GMT
etag: "061b44a5bf2d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wqw05UCdlHk_2dOEKmH7QLMrODPQ8mJEyuKAJrYw9nih-WzDcWD1kg==
age: 470955
X-Firefox-Spdy: h2
cdn.anotepad.com/Images/icon_sprites.png?v1
143.204.55.59200 OK 15 kB URL HTTP/2 cdn.anotepad.com/Images/icon_sprites.png?v1
IP 143.204.55.59:0
File type PNG image data, 1824 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash f32de01b6b72a3232f70853b25b9ca75
f97632426ea1e1c9b8031cd67e4c903d3cf94661
f01231a50ecc9c14b80f5f743ed5aeeec39f27867fb70b9b8e79f836f4af078f
GET /Images/icon_sprites.png?v1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 14982
last-modified: Sat, 13 Nov 2021 20:56:42 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Fri, 09 Sep 2022 18:01:25 GMT
cache-control: max-age=604800
etag: "47835cf6d0d8d71:0"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U5p6aEW_pC_5x8bJrlA5dkn1W0bPuI4TdGuK-UUHkNG_2k0Pppk6PQ==
age: 185129
X-Firefox-Spdy: h2
m.media-amazon.com/images/I/61CKAfyRmpL._UX569_.jpg
143.204.53.204200 OK 18 kB URL HTTP/2 m.media-amazon.com/images/I/61CKAfyRmpL._UX569_.jpg
IP 143.204.53.204:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 569x569, components 3\012- data
Hash 2fc01414931d4c563a38880c82b5f703
33fc85391a976f5d416d9841be6a5a9f7ba2b312
ca2667b845d7af3b6bd962599206b9726f960b814e6690e9ba7c5d3f70d7036d
GET /images/I/61CKAfyRmpL._UX569_.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18291
server: Server
date: Sat, 10 Sep 2022 06:59:13 GMT
x-amz-ir-id: b35f6e69-be39-4da2-b9ed-8db8e8d5184e
expires: Fri, 05 Sep 2042 06:59:13 GMT
cache-control: max-age=630720000,public
surrogate-key: x-cache-031 /images/I/61CKAfyRmpL
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-031,/images/I/61CKAfyRmpL
access-control-allow-origin: *
last-modified: Mon, 16 Sep 2019 03:12:48 GMT
x-nginx-cache-status: MISS
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oYo8A3t51NKK_IP7Qu6bDf6rkVOhJ-PR8DzMYMcHuBG27UzhNvX2Xw==
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
142.250.74.10200 OK 816 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
IP 142.250.74.10:0
Hash f30e620995ea7d19d8585ce4f1e7d39d
ef6242ec469480e69679ece2b029df8f3f1aef3c
0d4e51bcd42026d325b91818c538a932dcbb101beb081952e5dcd6bc44f2c2a6
GET /css2?family=Lato:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Sep 2022 06:59:13 GMT
date: Sat, 10 Sep 2022 06:59:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 308932
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1891f5b5d3486cc8608b3b431568569c
95558560c5dd9e1e2b6818d5ecab49cf4bf2979f
9bd42dd211b9d70b9cbcb28b3daebf8412296f3d3614629909c3aa265ff7aa5d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 06:59:13 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eYYuBF524FmOKLJFrjClUv2TFGfi8N4yS7bEKzuABf5tvZFaz3XQSw==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d9b07d3f293c8eb49e0af9881d13a96
027ad53686950d9d25d2b587d8d72b21faa19fcd
1b10b671558f5624d79ace9f14108a3837d932e68336f922f824f9dcaf79f9b8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B10B671558F5624D79ACE9F14108A3837D932E68336F922F824F9DCAF79F9B8"
Last-Modified: Fri, 09 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17678
Expires: Sat, 10 Sep 2022 11:53:51 GMT
Date: Sat, 10 Sep 2022 06:59:13 GMT
Connection: keep-alive
anotepad.com/note/loadcomment
207.244.104.157200 OK 360 B URL HTTP/1.1 anotepad.com/note/loadcomment
IP 207.244.104.157:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with CRLF line terminators
Hash 69e62c5f90ce8a3578aae9ea26cb5221
d53f0f16cc1878e6065ef412c63df58e39d47b3a
f185010745652a05abd30200b26d0203cd9b2604646f7f585f9977fcdd214402
POST /note/loadcomment HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/notes/668a5mii
Cookie: _ga_6PG3MM86KX=GS1.1.1662793144.1.0.1662793144.0.0.0; _ga=GA1.1.19812372.1662793144
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Sep 2022 06:59:13 GMT
Content-Length: 360
pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js
192.243.59.20200 OK 17 kB URL HTTP/1.1 pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (53717), with no line terminators
Hash 42d1cdf1795262e809125ee0d6be1379
a881adf31b01184e6ddff8596fb2626e5fc3cde4
4a19a01500f2b9b1c25087b4b3d5d0c99fc0050600ba95c6a2f50a8e7ebb0673
GET /a1/38/54/a1385457843ed7b58df9deca74af31e9.js HTTP/1.1
Host: pl16023739.revenuenetworkcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 10 Sep 2022 06:59:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd853c8fb2b585b6464c3d5639b1caae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.shopify.com/s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png?v=1594983060
104.16.255.71200 OK 39 kB URL HTTP/2 cdn.shopify.com/s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png?v=1594983060
IP 104.16.255.71:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6a1d79ebf572320014c73b5042dd50b7
0913ab1f80da82818dc30223e41b943e45e1880a
ca614450e1dad8984a00977fe73dee6582c0a25442f8e8e5f612eb1fb6ac4d68
GET /s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png?v=1594983060 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:14 GMT
content-type: image/webp
content-length: 39320
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png>; rel="canonical"
server-timing: imagery;dur=455.223, imageryFetch;dur=94.478, imageryProcess;dur=359.256;desc="image"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 17b5cf43-18f3-40a1-b48a-a0acdf9a7b2d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Sat, 10 Sep 2022 06:59:13 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eRk3b%2FAXzbdR5REoWPpM4h5FFxP%2BJZcT7JN18YqZsOFStF4GUOQjq5JWncS7yCAFYCpHjKrC7RW1sifI4xiQveV6NRE%2FjPcmqq1RZfMP%2FJo7ykLNr8JKtWAp%2B%2B0WWw5Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74864798ae16b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.anotepad.com/favicon-16x16.png
143.204.55.59200 OK 827 B URL HTTP/2 cdn.anotepad.com/favicon-16x16.png
IP 143.204.55.59:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 0469e563461e628f5c7ac9fba30e3134
ce38ece54cf70a32de17b05f2d29f17d95ff5891
25f14abbbf54617b6dc3438702bc5453a81bc841acf24600c40d06b5cdcc3629
GET /favicon-16x16.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: _ga_6PG3MM86KX=GS1.1.1662793144.1.0.1662793144.0.0.0; _ga=GA1.1.19812372.1662793144
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 827
last-modified: Sat, 13 Feb 2021 22:46:18 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Sat, 10 Sep 2022 06:14:26 GMT
etag: "693427b5a2d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vY3V0rcEi1gME9To6cEWDPdxt9RXM0IvgVU_uK9uO-qehlNpGFx5xA==
age: 9877
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eef7b878313532413d2e904a3a038772
9a2ad77b9950bf7307b930361fc838eff9d0eaf4
e75355f9c1847499acbee18281bd946af98db1827fa1cbdabc6b0860554a3bc0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75355F9C1847499ACBEE18281BD946AF98DB1827FA1CBDABC6B0860554A3BC0"
Last-Modified: Sat, 10 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10598
Expires: Sat, 10 Sep 2022 09:55:52 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Sat, 10 Sep 2022 06:59:14 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 06:41:12 GMT
expires: Sat, 10 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 1082
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5210
Expires: Sat, 10 Sep 2022 08:26:04 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-6PG3MM86KX>m=2oe970&_p=993566161&cid=19812372.1662793144&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662793144&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6PG3MM86KX>m=2oe970&_p=993566161&cid=19812372.1662793144&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662793144&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6PG3MM86KX>m=2oe970&_p=993566161&cid=19812372.1662793144&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662793144&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://anotepad.com
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254200 OK 23 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash dfb09b6ee6de11ff7293c21eb2db0a28
3b0da5d295599ff9eae3a001ad8663bb4c07155c
cd8b771b6d5a933d6d21cf95b8c44731bce5d63d8fb617b083ca3cd7221516c7
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:14 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b84cd5bac4d926e11b40720dbaf4fc13
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 10 Sep 2022 06:59:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yg373%2FwyrjtZmkPbYJ%2FmHJIWDpbIOoo%2FX0PdXbxSEKyFRJ4bBJoI5mlWykNJVk5xOlIWrweBN5P1t22qycX2iUY1GNH9R7hLyDrjZMc9Q%2FX2sB6hrK6Vjn1lcZ1Y45FxR50g7Os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7486479d3a0175c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=64742
date: Sat, 10 Sep 2022 06:59:14 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5062a86b01f1f8de3654dfde17be1b32
263ae6891668d021b3812d08f074899962d280a8
f19e99b8535ff842faee82c41ecc91dcb3204e73d05f9199162f3f2fb7effae4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F19E99B8535FF842FAEE82C41ECC91DCB3204E73D05F9199162F3F2FB7EFFAE4"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4642
Expires: Sat, 10 Sep 2022 08:16:36 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&gjid=1390912330&_gid=578899408.1662793145&_u=YADAAEAAAAAAAC~&z=1572127230
142.251.1.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&gjid=1390912330&_gid=578899408.1662793145&_u=YADAAEAAAAAAAC~&z=1572127230
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&gjid=1390912330&_gid=578899408.1662793145&_u=YADAAEAAAAAAAC~&z=1572127230 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://anotepad.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1abac18a85802f38f08561ac64020b55
afbc7666fa0b2093ef0c5d9a955d54d139c09b30
eae7f28dd178293939ecd81082ab68ae6098bb3cb1f1fe9411c38314ddb0f944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9610
x-amzn-requestid: 34102145-abda-4987-a68d-9069496366ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj0oF7loAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb350-52aee64214c814812c03262e;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 91AsC8-zVFCOPHFb2qnlTev2aXzdCEDYtc68JtYYsQSKS7OFF4QzgQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:50 GMT
age: 32364
etag: "afbc7666fa0b2093ef0c5d9a955d54d139c09b30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 31531
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412441a2a064555c5d7f1400c2741360
7532d9543b93248891324e07e8edff10a36d174d
421b3e9db572f1077abd4ef2748696b38a4117e33db6ae0b5fa46841afa2693f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14312
x-amzn-requestid: 4d301754-9ed3-401f-9ad5-1862533d7559
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj5wGowIAMF4WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb371-7729383d0bc0f729231ad5b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:43:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QWNGLaXe2lZ7niw6TU6KUOuMnWi-Ml3hkw6WLB8vD_jWsg5YMuFWbw==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:54:57 GMT
age: 32657
etag: "7532d9543b93248891324e07e8edff10a36d174d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 572d8ed935df86fde22138e8bfddfd9f
3b25ffe66a762ea032c05b149a29fe0d6faa3687
866c2b16919ab311f906c4e8a074fd93b46f74408c9e2c9a4c30310afa08f047
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9981
x-amzn-requestid: 1a34423c-b2d9-4ae3-a437-eb5717334372
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkiSGjloAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb474-00c79a927f7f7d5d70791b68;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:47:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jwkD86lz1SUQE__IGBv9RINc-LON017wkTpW7g0ePcMtssqd_POtpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:41 GMT
age: 31533
etag: "3b25ffe66a762ea032c05b149a29fe0d6faa3687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2ed199f1cb98d32690c0b5c1fa90643
96f3088f1361a8c7a62e36f99b4c58c49a750f95
b2e52fa2d41478c8a23892bed1051bcde3c4a937350b149e65a35ef37cf7c4bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8675
x-amzn-requestid: a28b0b64-d536-4bc2-b659-f8255e9f73b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXe8HEUIAMFiag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309392c-032fdc54025b8fbe21987a57;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:20:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wPBavm-n6W61qqQYyw1bFmh6eqPnVeCDfE3MS-yUB0phzf9wujSghA==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 06:32:41 GMT
age: 1593
etag: "96f3088f1361a8c7a62e36f99b4c58c49a750f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a0AyKhmYA7WPwciU2nTXwyChZV_riw1QsqI_giBIcdZhi3Nz4jM0Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:11 GMT
age: 32403
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 18d9c80e93810b52880aab445613e4b7
ca08ea7190fac815eae23eb6022d7f524694a518
6ed2db33b116fbb84b14f8509886515c5b9d8277437c8ac00b5735712f7f662f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e66743a6c60c1181d7f47c7f748ddfa3
97e333fac41fce213aeda4a42c79b0c5077e26c0
498cbdcbc5fed75df7e4974b21f3be66580dd169b8c82e76c69a823567e27ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 18d9c80e93810b52880aab445613e4b7
ca08ea7190fac815eae23eb6022d7f524694a518
6ed2db33b116fbb84b14f8509886515c5b9d8277437c8ac00b5735712f7f662f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
forgerylimit.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 forgerylimit.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37104), with no line terminators
Hash 9da7ae75b4a7deb3ac6d374409fa8db4
6f0103b0bed59044ace8e88c86b7d6a7297f4999
ee2936b776e5dbe634a2cfd12a9722a6a9359c77f495ad90e2a49a391411227f
Analyzer Verdict Alert quad9 Sinkholed
GET /b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 06:59:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba5d1ca3ed745c8ee653b5f8b3ebcb18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 180750f63aa7b3ca11be257a1837e7a4
2bdea9b6f133b088143fd6fdcd5eccb4c29a1e53
1c44497894377a85da8493a8da6b8ec59f02ebf9408c0b2a6d6e72b5d7637519
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 06:59:14 GMT
Last-Modified: Sat, 10 Sep 2022 05:25:34 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IISvt-Rc4jVn1kJnX0O52z18kLCdaDuCs2MgPrBt0DX1sct9ubnFxA==
Age: 5620
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash 90dce2121854e40f5570b292913cc440
2d88cf536d6aee9baf65d90a5b256ff93c2f3468
f01643ee9e020a6172c1d06999e65aa32cbc18a7d5aa0ac14f66bd454b95d70f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
set-cookie: uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; expires=Tue, 07 Sep 2032 06:59:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 10 Sep 2022 06:59:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
23.38.200.123200 OK 154 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0
GET /live/boost/ra-56846750fb16a611/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=7, s-maxage=86400
date: Sat, 10 Sep 2022 06:59:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.233200 OK 23 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 2a3529cdc585755435e09d38169474c4
1384129d14eb246e940513624a876fffa8cbb836
2f9f7498fdb6253a2a5b357e5d27152af54ad0f68b576ef70f3bbbc6f8ec8a18
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:15 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6a1458a7394d78475defa171ecdbd932
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 10 Sep 2022 06:59:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfwSUO3yrxiWYmFeDjQxGkS2A4%2B57CTuOeHggHEWJ9LumNZoGbKEJOz0L15NviR0ZxOmaZW6QNefubqgbHmd%2BlRc9JSdBCg7HLJRFWoarePoYLdvtqceW8uKOblp%2BsF6FpH9CV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647a22ae88885-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15304
Expires: Sat, 10 Sep 2022 11:14:19 GMT
Date: Sat, 10 Sep 2022 06:59:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d48f198d88d137119adc51c8da2f398a
2eeab0a581a7f899201fbec3f8e309332a7b4b34
79e789ece961100679838654a3e2c2eaefaaad0481686d44b96ed83c94386b83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79E789ECE961100679838654A3E2C2EAEFAAAD0481686D44B96ED83C94386B83"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7305
Expires: Sat, 10 Sep 2022 09:01:00 GMT
Date: Sat, 10 Sep 2022 06:59:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15304
Expires: Sat, 10 Sep 2022 11:14:19 GMT
Date: Sat, 10 Sep 2022 06:59:15 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 06:59:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 767a358c4955e018a4d697d88b294604
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 06:59:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb2392d93249c3edc0e3bceeda87b259
Strict-Transport-Security: max-age=0; includeSubdomains
reapinject.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3%3A1%3A1
173.233.137.44200 OK 4.4 kB URL HTTP/1.1 reapinject.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3%3A1%3A1
IP 173.233.137.44:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6184), with no line terminators
Hash c63f989bf4adf35dcef6870d443d04fb
3e6789ab8fc832e7dc2183331439f13266301da6
82b052e857cfd377aa6ddf29c71509c6a055445f529236313ea332c24a4b5b33
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3%3A1%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anotepad.com
Access-Control-Allow-Origin: https://anotepad.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15950569; expires=Sun, 11 Sep 2022 06:59:15 GMT; secure; SameSite=None
uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; expires=Sat, 17 Sep 2022 06:59:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
uncs=1; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]; expires=Sat, 10 Sep 2022 06:59:21 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e08af1ad3379e1dc1d788a2a80d90a23
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTha%2BX%2FGkBEWIYQ45KLiz3T0%2FutscgjGuBDc%2FTBS9SXVV9aTc6q6mqnt6sqfFoATxMIJ%2FQM%2Bb3SzqIupFLwadXRBcEHY87cE9K3pbyMWLzGRx9QPF51W9V%2FA%2Br%2BqDUXlIXJT04PJVvSaVokudptt47m3Pu9BYkVk5aAzC7jvd9oWG6b8YdZvu841XBVvVS77rua7neo1laUSiB0szEjLfjrxm5DbbftPrtDEw%2F93b0oGlDnj%2FkDwJyacLu84ZSDZBln55WdjVQucvvJKWihbaoM%2B33sxWM11lSE9gYhwk2daxGtruLz%2BAzjbndqH7%2FwhjOSXOjw8QZ1vHJhH3N%2BY%2BYwWRIeaPo%2BpPINQEkk7A9F1Ivk8AxnHtOrL0%2FjVtKnrnEUtn7JQsPDyCrKZk4dczyNIvLik5aNzSqiykziwGSQ05mED2JsjLHRRrpyCrHbDiPUj%2BM1l6uIIs3bhulYbkB%2BfDxHXdgEeLrh%2BIxXYr7ixGbkQXWRQkoRsESSha84CknEAmEygxBLUOytmSDsrEQZk7SPlBg3meF7icUTeMGGvxQMRd7no0SDzqud0QJZvNMESRD8HUEMysIzfrWJVDmPJ72Ns1LHdgC4I%2Br1EJgsoSVJSgkgRVQVD1602urG%2Fr%2B1zZMvaOu3%2FcW%2FVYF70R3dRFT2RklB%2BSJ%2BbBHcW%2FY1UcNOJWwP0kavntjtsVcYuHnEWx2w4jHoRByGBlDWlPzcdck1Py1P%2B3kcspWfjfJ4jpDqzaAZOnQMtnQatx4Lugt8ft0MVatk0zXYic8ibTKbiukRcLKO44I3VInpn76HxzFYLtXfzhj%2FfPffv6n2CmRm5qvCt3CXrq3vimrsjGTV1Z8tX1vJCpXKOzx71V0EKc%2Fuw1cafShl%2B5bIefvsRmxAxuvyFssUIzLrOeJZ9fkpwLs6wNE%2BS7K%2FYtEd8o7e1LpcnKfOXGy8tX0twIa6XOJqBy334EJqfkMarnv%2Fbs0x9CmglMWSMt98hxQeodsHwdNj9xb%2FVpGHWiiXMHVVmPjR%2BfHCo5Jf7RT1Bi7%2BLX66O%2Ffts9DxrXsOJfF0%2FwyN5Dz5wDLe4iS2v0TY2%2BqkHVELY8PS5ys3fxl9a8ECtnHCvjbMTKqI8fxWvlQSNotVzajTpeEFARxG0%2FTLoep9Rvd%2F1ul7ZQ2Ck729n9GwAA%2F%2F8BAAD%2F%2FyqlM8uEBAAA
173.233.137.44200 OK 7 B URL HTTP/1.1 reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTha%2BX%2FGkBEWIYQ45KLiz3T0%2FutscgjGuBDc%2FTBS9SXVV9aTc6q6mqnt6sqfFoATxMIJ%2FQM%2Bb3SzqIupFLwadXRBcEHY87cE9K3pbyMWLzGRx9QPF51W9V%2FA%2Br%2BqDUXlIXJT04PJVvSaVokudptt47m3Pu9BYkVk5aAzC7jvd9oWG6b8YdZvu841XBVvVS77rua7neo1laUSiB0szEjLfjrxm5DbbftPrtDEw%2F93b0oGlDnj%2FkDwJyacLu84ZSDZBln55WdjVQucvvJKWihbaoM%2B33sxWM11lSE9gYhwk2daxGtruLz%2BAzjbndqH7%2FwhjOSXOjw8QZ1vHJhH3N%2BY%2BYwWRIeaPo%2BpPINQEkk7A9F1Ivk8AxnHtOrL0%2FjVtKnrnEUtn7JQsPDyCrKZk4dczyNIvLik5aNzSqiykziwGSQ05mED2JsjLHRRrpyCrHbDiPUj%2BM1l6uIIs3bhulYbkB%2BfDxHXdgEeLrh%2BIxXYr7ixGbkQXWRQkoRsESSha84CknEAmEygxBLUOytmSDsrEQZk7SPlBg3meF7icUTeMGGvxQMRd7no0SDzqud0QJZvNMESRD8HUEMysIzfrWJVDmPJ72Ns1LHdgC4I%2Br1EJgsoSVJSgkgRVQVD1602urG%2Fr%2B1zZMvaOu3%2FcW%2FVYF70R3dRFT2RklB%2BSJ%2BbBHcW%2FY1UcNOJWwP0kavntjtsVcYuHnEWx2w4jHoRByGBlDWlPzcdck1Py1P%2B3kcspWfjfJ4jpDqzaAZOnQMtnQatx4Lugt8ft0MVatk0zXYic8ibTKbiukRcLKO44I3VInpn76HxzFYLtXfzhj%2FfPffv6n2CmRm5qvCt3CXrq3vimrsjGTV1Z8tX1vJCpXKOzx71V0EKc%2Fuw1cafShl%2B5bIefvsRmxAxuvyFssUIzLrOeJZ9fkpwLs6wNE%2BS7K%2FYtEd8o7e1LpcnKfOXGy8tX0twIa6XOJqBy334EJqfkMarnv%2Fbs0x9CmglMWSMt98hxQeodsHwdNj9xb%2FVpGHWiiXMHVVmPjR%2BfHCo5Jf7RT1Bi7%2BLX66O%2Ffts9DxrXsOJfF0%2FwyN5Dz5wDLe4iS2v0TY2%2BqkHVELY8PS5ys3fxl9a8ECtnHCvjbMTKqI8fxWvlQSNotVzajTpeEFARxG0%2FTLoep9Rvd%2F1ul7ZQ2Ck729n9GwAA%2F%2F8BAAD%2F%2FyqlM8uEBAAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTha%2BX%2FGkBEWIYQ45KLiz3T0%2FutscgjGuBDc%2FTBS9SXVV9aTc6q6mqnt6sqfFoATxMIJ%2FQM%2Bb3SzqIupFLwadXRBcEHY87cE9K3pbyMWLzGRx9QPF51W9V%2FA%2Br%2BqDUXlIXJT04PJVvSaVokudptt47m3Pu9BYkVk5aAzC7jvd9oWG6b8YdZvu841XBVvVS77rua7neo1laUSiB0szEjLfjrxm5DbbftPrtDEw%2F93b0oGlDnj%2FkDwJyacLu84ZSDZBln55WdjVQucvvJKWihbaoM%2B33sxWM11lSE9gYhwk2daxGtruLz%2BAzjbndqH7%2FwhjOSXOjw8QZ1vHJhH3N%2BY%2BYwWRIeaPo%2BpPINQEkk7A9F1Ivk8AxnHtOrL0%2FjVtKnrnEUtn7JQsPDyCrKZk4dczyNIvLik5aNzSqiykziwGSQ05mED2JsjLHRRrpyCrHbDiPUj%2BM1l6uIIs3bhulYbkB%2BfDxHXdgEeLrh%2BIxXYr7ixGbkQXWRQkoRsESSha84CknEAmEygxBLUOytmSDsrEQZk7SPlBg3meF7icUTeMGGvxQMRd7no0SDzqud0QJZvNMESRD8HUEMysIzfrWJVDmPJ72Ns1LHdgC4I%2Br1EJgsoSVJSgkgRVQVD1602urG%2Fr%2B1zZMvaOu3%2FcW%2FVYF70R3dRFT2RklB%2BSJ%2BbBHcW%2FY1UcNOJWwP0kavntjtsVcYuHnEWx2w4jHoRByGBlDWlPzcdck1Py1P%2B3kcspWfjfJ4jpDqzaAZOnQMtnQatx4Lugt8ft0MVatk0zXYic8ibTKbiukRcLKO44I3VInpn76HxzFYLtXfzhj%2FfPffv6n2CmRm5qvCt3CXrq3vimrsjGTV1Z8tX1vJCpXKOzx71V0EKc%2Fuw1cafShl%2B5bIefvsRmxAxuvyFssUIzLrOeJZ9fkpwLs6wNE%2BS7K%2FYtEd8o7e1LpcnKfOXGy8tX0twIa6XOJqBy334EJqfkMarnv%2Fbs0x9CmglMWSMt98hxQeodsHwdNj9xb%2FVpGHWiiXMHVVmPjR%2BfHCo5Jf7RT1Bi7%2BLX66O%2Ffts9DxrXsOJfF0%2FwyN5Dz5wDLe4iS2v0TY2%2BqkHVELY8PS5ys3fxl9a8ECtnHCvjbMTKqI8fxWvlQSNotVzajTpeEFARxG0%2FTLoep9Rvd%2F1ul7ZQ2Ck729n9GwAA%2F%2F8BAAD%2F%2FyqlM8uEBAAA HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 094ee28a50cf0ab914d0d9cde2596677
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 142f92ab885d0446b4ac2b40619a6456
28535d1e4a2d387da2c4b2f69b8e330a3c5509f9
4cd8de918d644d5206bab46fd255d3967bb28445c9e5de29cba85675d88176de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CD8DE918D644D5206BAB46FD255D3967BB28445C9E5DE29CBA85675D88176DE"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15442
Expires: Sat, 10 Sep 2022 11:16:38 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11a62de4541037ab66a1ee3a198916bd
767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4
1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4530
Expires: Sat, 10 Sep 2022 08:14:46 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11a62de4541037ab66a1ee3a198916bd
767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4
1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4530
Expires: Sat, 10 Sep 2022 08:14:46 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
45.133.44.4200 OK 693 B URL HTTP/2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash a8ca8f4bf8fcbefb048c757964c1e9b2
d643afd282ac2ad91df8672f9f2878047107d987
402c2a84bc70c6fa1cf867b2f6c3dea9f73f4417a2fa69dde13bfa9baec78f71
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 10 Sep 2022 07:59:16 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
172.67.183.56200 OK 929 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP 172.67.183.56:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash eb5076cb28ee7a57535e763bdb7a0b59
173335149d37337e9f97863cb63ea63d94bf16d6
1d9a79658465773649be775c13d7e1dd691b2d0b5adff4cc0b29696f6b29e388
GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3272092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82ChLtAL6CXOQCcEnmer9dVrQ005NuzM6EJp1KyrlRwryWz9rk86hc4XBpS9%2B%2BBdQfZJ6HjRRB%2BKwdaBB%2BP3dcDSYcOUptpo5U7KhRNLDr%2Bq8jfZNQVXiYGUzLvqbZyLBN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647ad0a73b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.2 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 0cac9a497c9442f62704561508c38ef8
3daf66905828d4d3c3a41a772d4a97f4121c2348
fefe342b5c82ae190b938ace8670b56c431410670a84d6e1d958409001d42790
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4863
Expires: Sat, 10 Sep 2022 08:20:19 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg
45.133.44.10200 OK 17 kB URL HTTP/2 cdn.cloudimagesb.com/si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c22ff55c863b2414205b04cc3747edfb
5490b3da882c95fa66913143eb4d472457c0e045
b3f3ebb3a107d88eb97d98ef637c97f2315f1186b52a38fd3a10af6868c8452b
GET /si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: image/jpeg
content-length: 16979
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:44:25 GMT
etag: "62d54799-4253"
expires: Mon, 12 Sep 2022 06:59:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
172.67.183.56200 OK 5.0 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
IP 172.67.183.56:0
Hash cc5ad29d14968afd704f7d2dea376348
2d52547b7da3d8101cb826b2811b21d4fcec0ae7
1b6df77f4a8e9c6f4726e2f85fa157a5ebb4e1e7706f9d7f766566b44dfbf4cd
GET /sb/ssp/utility/social-media/whatsapp/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz2UqEcEoSymOEEHntzYAiOdzWDPNrCtLXZqg7FN1blpSWB9dIywdb9HnbLFZwB2nbhTCwODO8O7RRj12LtCkEEVSJI4h5fZ2S5LDM9DnUW7PKQj8u5JAD4CcfmFe65zl0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647acaa02b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 213909
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 213909
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=336
173.233.137.44502 Bad Gateway 157 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=336
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=336 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:17 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
172.67.183.56200 OK 1.6 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP 172.67.183.56:0
Hash 505fcd91c4cf95f4e33531c1aedc2f0e
c2da69c3eb969ab2701b6041ddc52c9eafe6352d
247a553e60a5c59df153d288645d90854aa98aa8ae5065a2fdc2ce82ae2cc787
GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRup8ZIBBgChvBkKVc1nGQPuHg0SxsmrzstyIVb0iqD2IsABDXvHx58LqI2LEqea6ZM8t7EeWis2YpyK%2Fa%2FFwfEBcltRuDosX89ic8vOr4Bcom1pZnmuoyFHgOgDpSEcFzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647acaa06b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reapinject.com/pixel/sbs?c=1
173.233.137.44502 Bad Gateway 157 B URL HTTP/1.1 reapinject.com/pixel/sbs?c=1
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:17 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
172.67.183.56200 OK 217 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP 172.67.183.56:0
Hash deb27aa1dead3cceaea4742cfe879320
75536a9c2ff3289d861284903349f1607c1b6a8e
caa6c6869f34a13df5944d3702ad34300f50b34c5a6b6dac24124d55f27ba296
GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RignqbtrG6tVaoIxC0WxXYtzWCpYsW5G9NZ5LtOmbHK93%2Bs7pQNy45IoWlAq3AUucx%2FQZCLPljHtIe%2B9fzenho2c0svvnhEbmDz%2FaoZq9jGWDsVI%2FO9BtvFFt3WoghIC7j4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647acaa07b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 478caf1cbdbafefa1b73c4e1a21e027c
90dd5e86857e7f6313bbb053baa8c1d4784d3089
0c845efdea74e5b1245ca00ea33a0b8220551d156ca34620e3d90ccb4de345dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8706
x-amzn-requestid: 37d04670-7b5a-4cbb-ad4c-46615c604bc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzcG2moAMF30g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb349-5351f9c15ad587ae3c807d48;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lcckuCebVvSAYgrOAQaGKSp9Bg7RMpdpgIr_3rlRjKgn6iuIQYDHVg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 31538
etag: "90dd5e86857e7f6313bbb053baa8c1d4784d3089"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
a.pub.network/core/pubfig/cls.css
104.26.1.139200 OK 0 B URL HTTP/2 a.pub.network/core/pubfig/cls.css
IP 104.26.1.139:0
GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: text/css
x-guploader-uploadid: ADPycdu5cQs0MqmxMk9WexLsN-qY1u2ASg5ej6n9c-25CXtpgxe1_GpfcZ-bVW0DU5U28shU_k-bVxdYdSrdRqclXdJ6HD3wH7BT
x-goog-generation: 1620765108454625
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1752
x-goog-hash: crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sat, 10 Sep 2022 06:52:27 GMT
cache-control: public, max-age=3600
age: 1698
last-modified: Tue, 11 May 2021 20:31:48 GMT
etag: W/"2ad42c99ece77b46e5a42a85207a3750"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ah1BAu%2Fh5t4mJq0wRns6yeEo92SQQBrzcOBzKslVAWFTGH0DTgi6epEIOR%2F%2FcgyG8VYxmgo%2FZAojLCK6YNrSlx6wzjfqxwEGFWEknhYnShqrVh7D%2FrStKIydGXBHFvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647987dc0b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1
143.204.55.59200 OK 0 B URL HTTP/2 cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1
IP 143.204.55.59:0
GET /bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
cache-control: public
expires: Thu, 31 Aug 2023 00:13:33 GMT
last-modified: Wed, 31 Aug 2022 00:13:33 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 31 Aug 2022 00:13:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cEAFgTACWwzpNL-zAC2VgbTNJBUOrFyho1BFPJBlvN1Didkqe1worg==
age: 888343
X-Firefox-Spdy: h2
cdn.anotepad.com/images/anotepad.svg
143.204.55.59200 OK 0 B URL HTTP/2 cdn.anotepad.com/images/anotepad.svg
IP 143.204.55.59:0
GET /images/anotepad.svg HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
cache-control: max-age=604800
last-modified: Sat, 13 Feb 2021 21:52:25 GMT
etag: W/"8fdbe283522d71:0"
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 07 Sep 2022 01:42:27 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G5jf2Ip_9lCimdVelMYW5RjZKFKZ-t-NZDY_E_JQaKPpbTFp18__vA==
age: 278209
X-Firefox-Spdy: h2
cdn.anotepad.com/bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1
143.204.55.59200 OK 0 B URL HTTP/2 cdn.anotepad.com/bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1
IP 143.204.55.59:0
GET /bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Thu, 31 Aug 2023 00:13:46 GMT
last-modified: Wed, 31 Aug 2022 00:13:46 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 31 Aug 2022 00:13:46 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zh6AERhy6JdoXjSc-o4q6Ti7fHa0aPVjLYq7BIh5jum80-jBTNaQXQ==
age: 888330
X-Firefox-Spdy: h2