Report - anotepad.com/notes/668a5mii

Report Overview

Submitted URL
anotepad.com/notes/668a5mii
IP
207.244.104.157
ASN
#30633 LEASEWEB-USA-WDC
Submitted
2022-09-10 06:59:23
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-17T06:30:00Z	1.4 kB	58 kB	142.250.74.163
reapinject.com	unknown	2022-08-25T15:04:49Z	2023-01-29T18:54:07Z	3.5 kB	7.3 kB	173.233.137.44
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.49
www.google.com	7	2015-05-10T13:11:19Z	2023-03-17T08:02:13Z	495 B	694 B	142.250.74.164
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-17T05:59:00Z	431 B	1.1 kB	45.133.44.4
cdn.sb4you1.com	22321	2021-09-16T13:26:58Z	2023-03-11T09:53:19Z	1.6 kB	11 kB	172.67.183.56
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-17T05:59:00Z	389 B	17 kB	45.133.44.10
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	4.6 kB	13 kB	23.36.77.32
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-17T08:05:25Z	1.2 kB	107 kB	104.17.25.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	3.6 kB	7.7 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.7 kB	72 kB	34.120.237.76
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-17T05:54:55Z	373 B	405 B	52.28.172.243
creepingbrings.com	unknown	2022-05-27T16:56:26Z	2023-03-16T06:53:00Z	345 B	24 kB	104.21.234.233
a.pub.network	6324	2017-06-15T22:12:43Z	2023-03-17T09:12:05Z	362 B	1.1 kB	104.26.1.139
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	329 B	737 B	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.0 kB	2.8 kB	143.204.42.165
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	52.42.74.230
m.media-amazon.com	580	2018-06-22T13:41:03Z	2023-03-17T06:21:38Z	406 B	19 kB	143.204.53.204
pl16023739.revenuenetworkcpm.com	unknown	2022-06-05T07:46:07Z	2023-01-23T14:42:44Z	397 B	18 kB	192.243.59.20
s7.addthis.com	1504	2012-05-21T05:34:04Z	2023-03-17T05:09:11Z	860 B	144 kB	23.38.200.123
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-17T05:09:38Z	704 B	559 B	216.239.34.36
addresseepaper.com	18169	2021-11-01T22:11:31Z	2023-03-17T05:54:55Z	345 B	24 kB	104.21.234.254
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-17T08:44:25Z	366 B	45 kB	142.250.74.72
z.moatads.com	374	2014-02-11T17:19:47Z	2023-03-17T05:09:11Z	375 B	1.4 kB	23.38.201.146
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T09:12:35Z	397 B	1.6 kB	142.250.74.10
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-17T06:32:14Z	494 B	694 B	142.250.74.3
forgerylimit.com	unknown	2022-08-13T04:34:51Z	2023-02-06T13:07:31Z	381 B	14 kB	192.243.59.13
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.27
cdn.anotepad.com	724042	2018-06-20T04:52:44Z	2023-03-09T07:23:15Z	3.4 kB	30 kB	143.204.55.59
cdn.shopify.com	2327	2012-06-22T20:37:14Z	2023-03-17T05:13:56Z	460 B	41 kB	104.16.255.71
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-17T09:19:11Z	357 B	21 kB	142.250.74.174
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-16T23:06:49Z	978 B	2.2 kB	23.36.77.32
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-17T09:41:21Z	582 B	707 B	142.251.1.155
v1.addthisedge.com	1721	2019-05-22T20:56:22Z	2023-03-16T18:19:33Z	406 B	462 B	23.38.200.123
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-17T05:59:00Z	1.4 kB	846 B	192.243.59.13
anotepad.com	192286	2012-11-19T04:40:56Z	2023-03-10T08:54:07Z	1.4 kB	6.8 kB	207.244.104.157

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-10	medium	cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	forgerylimit.com	Sinkholed
2022-09-10	medium	unseenreport.com	Sinkholed
2022-09-10	medium	unseenreport.com	Sinkholed
2022-09-09	medium	reapinject.com	Sinkholed
2022-09-09	medium	reapinject.com	Sinkholed
2022-09-09	medium	reapinject.com	Sinkholed
2022-09-09	medium	reapinject.com	Sinkholed

Files detected

URL
r3.o.lencr.org/
IP
23.36.77.32
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1163 bytes)
Hash
0cac9a497c9442f62704561508c38ef8
3daf66905828d4d3c3a41a772d4a97f4121c2348
fefe342b5c82ae190b938ace8670b56c431410670a84d6e1d958409001d42790

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (21)

	URL	Size	First Seen	Last Seen
	anotepad.com/notes/668a5mii	166 B	2023-03-17	2023-03-17
Pretty URL anotepad.com/notes/668a5mii IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:40:14 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 6d9c630a1be3cfd2ed248ef26a385a0d 0acb744696dbe8a882e4d8e8280e8eacf82a801c 126943652e63dbbbf2cdb2adefd6d7bcf7da705b66ea4cbe5efe6240584ff251 Loading...

	anotepad.com/notes/668a5mii	706 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/668a5mii IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 5d7aff84c39145baf56b3b1623a9996f 95424fdc21c6e3fe19a059d35fb23868b809a46e 0f2ddc50af3d0990a3d4596b8f99d8d1ceb3d1a3f35cecc3b39c387c56fea05d Loading...

	anotepad.com/notes/668a5mii	337 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/668a5mii IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 7ed8d094acd4ca41435478d71d181ff3 a8c5a39c74ed6f55d3d160f6fab48ae8ed8d06d6 5daf8f0671a577e7b3e7ed96c134a1cdfd026fa344d72a58722b402d03366068 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 00:57:08 Times Seen37028186 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js	54 kB	2023-03-17	2023-03-17
Pretty URL pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:40:14 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 1147c0ce4d3b54caa85b7c781b6a9411 90cb38b75c3d0f335c4e90a89393deea2a8588d4 424e46d38a39001d4ecbb6ebbc19088510b69983dc1c17d6fb11e8a74df1f622 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.8673361116323359&iit=1662793145600&tmr=load%3D1662793144605%26core%3D1662793144617%26main%3D1662793145598%26ifr%3D1662793145602&cb=0&cdn=0&md=0&kw=&ab=-&dh=anotepad.com&dr=&du=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&href=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=en&ogt=&pc=men&pub=ra-56846750fb16a611&ssl=1&sid=631c35b8966e7b1b&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=0&xld=1&xd=1	72 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.8673361116323359&iit=1662793145600&tmr=load%3D1662793144605%26core%3D1662793144617%26main%3D1662793145598%26ifr%3D1662793145602&cb=0&cdn=0&md=0&kw=&ab=-&dh=anotepad.com&dr=&du=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&href=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=en&ogt=&pc=men&pub=ra-56846750fb16a611&ssl=1&sid=631c35b8966e7b1b&srf=0.01&ver=300&xck=0&xtr=0&og=&csi=undefined&rev=v8.28.8-wp&ct=0&xld=1&xd=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-06 01:05:13 Times Seen3063 Hash 7d5b5e32745c7b2e10b41554f0dc4142 2fe0a408b06fb8a44f7c1b54ad4f1b70204584ab 7eae26867a4cf6c29d2fbc4cbf3a222058ba71a9ceb7ff0d6d96c3cfb462cc81 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NQC99C3	114 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NQC99C3 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:40:14 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 8d193c73695458ffb35642766a6fe574 989349fcd510863d810dbc81af0847a83d0b012b 2d1cacfbe302643186d52eb5c6a34479babacd6c0440d3cacff0bb0818873dd8 Loading...

	www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c	214 kB	2023-03-17	2023-03-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-6PG3MM86KX&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:40:14 Last Seen2023-03-17 11:40:14 Times Seen1 Hash b73d78f7c3b8e5991bf8284f05824db7 930554a35536f48956b8bfeb0af425a33a462221 03b0bbdddd94a50e1358d8c19ef945a3b78e7007e659fcda18c67b8ff2b9d18a Loading...

	cdn.anotepad.com/bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1	19 kB	2023-03-07	2023-03-17
Pretty URL cdn.anotepad.com/bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1 IP 143.204.55.59 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 9d7a46f8b5f8efd9ba34d4de71a0b267 6e1681746f8ee8b4835007736f6407a716d882a2 228ea2591704287cd6fda37ce63dc499e232de05886ce840f8e25fbb40552024 Loading...

	z.moatads.com/addthismoatframe568911941483/moatframe.js	1.7 kB	2023-03-07	2023-11-01
Pretty URL z.moatads.com/addthismoatframe568911941483/moatframe.js IP 23.38.201.146 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-01 14:42:28 Times Seen4278 Hash dd1a19cb8d13e4571d2b293c0a0d2ccf 18070dd5c894930a8aef7117bf8d49bd4922a723 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Loading...

	forgerylimit.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js	37 kB	2023-03-17	2023-03-17
Pretty URL forgerylimit.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:40:14 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 23054d860d64f54c88640e6463e3676b 95b7a92bce73f09d496aefb46c23f03340dccef1 1ab30a31e28975340b0533c569fc782634edff82ba512255276ff79d5f38fb83 Loading...

	http:blank	659 B	2023-03-07	2023-03-17
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:07 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 75fc8e1b2ede9448b2e6ecdf2e824bc7 2d61bc3c87171fc848fe1a87c51afd3c6e97100c 82079cb7930624716fcb67c1a72e879a06d62f6076a4b45aff70d16996d8e43e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 22:40:37 Times Seen118642 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js	40 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 23:40:54 Times Seen12181 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	anotepad.com/notes/668a5mii	83 B	2023-03-07	2023-11-25
Pretty URL anotepad.com/notes/668a5mii IP 207.244.104.157 ASN #30633 LEASEWEB-USA-WDC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:33:42 Last Seen2023-11-25 02:48:30 Times Seen27 Hash 5b9ba8c7336bc03b70ee825d67293d70 14ce9f2b7ef27b4595ce6d501388cef99ba66867 71625044733d0cbc032c032fa1f5a1ce246dd700a717165fde28dc7cf23f892a Loading...

	s7.addthis.com/js/300/addthis_widget.js#pubid=ra-56846750fb16a611	361 kB	2023-03-07	2023-11-23
Pretty URL s7.addthis.com/js/300/addthis_widget.js#pubid=ra-56846750fb16a611 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-23 23:37:41 Times Seen4632 Hash 61dcfa8958e6a7cc3f23b3b4758ee178 c4313cf29a2c056422ab798a2d088743c0972e97 acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Loading...

	v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp	166 B	2023-03-07	2023-05-05
Pretty URL v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp IP 23.38.200.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:22 Last Seen2023-05-05 09:27:43 Times Seen156 Hash ce1e291468dd80d09650c7b039de0f29 940e37be1fa48f3664d60f4585e5b738eff25f06 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028 Loading...

	m.addthis.com/live/red_lojson/300lo.json?si=631c35b8966e7b1b&bkl=0&bl=1&pdt=856&sid=631c35b8966e7b1b&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F668a5mii&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1662793145606&jsl=1&uvs=631c35b8434910c0000&skipb=1&callback=addthis.cbs.jsonp__078905325169886350	90 B	2023-03-17	2023-03-17
Pretty URL m.addthis.com/live/red_lojson/300lo.json?si=631c35b8966e7b1b&bkl=0&bl=1&pdt=856&sid=631c35b8966e7b1b&pub=ra-56846750fb16a611&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=anotepad.com&fp=notes%2F668a5mii&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1662793145606&jsl=1&uvs=631c35b8434910c0000&skipb=1&callback=addthis.cbs.jsonp__078905325169886350 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:40:14 Last Seen2023-03-17 11:40:14 Times Seen1 Hash 20fbd8a0828ac39ea03580ed0a6d86ae c8157a5d87084be0342437171c434f94bfa14c2a 9f17948902b7fe073d7f810e54ab43094815118c4a4cf05930cdbef73ff05a4c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 062687690045026856f53e20000732e7	8 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3365 Hash 062687690045026856f53e20000732e7 907a784295139ac62a25fed0fe9636c8a3a5b3af 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f Loading...

	#2 Eval - 449bf5704205ea90d9021bf85b4300cd	11 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3353 Hash 449bf5704205ea90d9021bf85b4300cd a8401782462f9e0afe2435dea38cb79ac66d83af 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16 Loading...

HTTP Transactions (92)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 06:06:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YknDBV9-smzxxExy64fzgf4-c0eVhIE6-F2ngz0RX1SODFj7wmtXIQ==
Age: 3166

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4266
Expires: Sat, 10 Sep 2022 08:10:18 GMT
Date: Sat, 10 Sep 2022 06:59:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Fri, 09 Sep 2022 07:17:12 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8bieSres35yjqDHlGVO1bPay_fQkW8t28HtlDEtcdOBqibSm4kPE5Q==
age: 85321
X-Firefox-Spdy: h2

anotepad.com/notes/668a5mii

207.244.104.157

301 Moved Permanently

158 B

URL HTTP/1.1
anotepad.com/notes/668a5mii
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
158 B (158 bytes)
Hash
5c7ce7453823c381d60f4b6ba4c719c7
b0d93f71855d4bf6ff5fe5040548d6e06d81d5e5
e966be3b4fa5b8f19a1c39531943560949c584455a0c4eb7df5b5e2b98b12008

HTTP Headers

GET /notes/668a5mii HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://anotepad.com/notes/668a5mii
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Sep 2022 06:59:12 GMT
Content-Length: 158

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 06:59:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 06:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 07:53:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IVZNAwrxPXXh9JwK6BuPxEp9syRodm4yuUrfH1z5lXR3iSSydLpDyw==
Age: 185

anotepad.com/notes/668a5mii

207.244.104.157

200 OK

5.6 kB

URL HTTP/1.1
anotepad.com/notes/668a5mii
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2337), with CRLF line terminators
Size
5.6 kB (5573 bytes)
Hash
b81177ecb51a96bd1e1ca930afbc4176
73b6c8163f33eceacacb1a1b010bb42611d6f901
4d4859119fb8ae05d3d60ab09ee7181574f524a7455ff27e909538f095104ddf

HTTP Headers

GET /notes/668a5mii HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Sep 2022 06:59:13 GMT
Content-Length: 5573

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6588
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Last-Modified: Sat, 10 Sep 2022 05:09:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css

104.17.25.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65369)
Size
16 kB (16120 bytes)
Hash
d3a47d1d66fc94ed3f89d9e77cd1a122
92b01371dd02a4157abb9cfdfb6c63b9c7a4eee9
3b1897163caeb1738a1bc8d6ec7db9b903b3fc21d91b586714e19fedd46a3d5d

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: text/css; charset=utf-8
content-length: 16120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1da71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 134379
expires: Thu, 31 Aug 2023 06:59:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWSlfzk4nO%2B%2FmLCQBeG3DyG9ZpQkzgjWWlTDqXMn5t4olNrPcKI4mPKFSE%2B9hYEAthj1l%2FFoIzQaRg3OCkNsAiJFfyJbhUb1jc3FGqC9nF18M0n%2BeIbdG16EsbmQD1mkOrLjGXSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748647983cdbb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

104.17.25.14

200 OK

57 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32074)
Size
57 kB (57137 bytes)
Hash
8486da289409cd85cf8b6fd169c721c4
72d46568b1412639c71f218761c4e637773c4bfc
552f8314a7e6f840ab958f4a71ee38b747deb74634ea9797806f38c95b48c3ef

HTTP Headers

GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8233602
expires: Thu, 31 Aug 2023 06:59:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efsmpuBqGYT1K44KlWEezLfBmmV%2Bxs0V7onNqm5MLmJgD5lLQrCWFpwU15rJOby3eWAnPoPQdPJcAp2RYOuQt58dluuFZJvUvt8MnSE7t4UnPLaYB%2FZ4oh8nKrLqmt%2FsyNBpUFG0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748647985cfbb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.25.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32077)
Size
30 kB (30360 bytes)
Hash
5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 137307
expires: Thu, 31 Aug 2023 06:59:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RVQmSJUc1XzbDh%2BoeZ8Mjv9IlEZOtLgieaY6%2Bg6PjOuuUhCSuSXmcUPpspV37fi96rrCF95L%2FrWA8CPbFkkWSurKtDkS5nQ3GsfS%2BQQazcGQ7oR70tZv8yoEA7RJ1U8y%2FRB%2BGtS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 748647986d01b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f8d4710e8d9efc59480e7a5b754d7534
7dce3ecea113a5fb2391c5a632e1dfb5a0eb77ee
fbf214f8c3a82c07b128679f898006aba69a2e6e75bf261ab1ca28c86ac3b7f7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBF214F8C3A82C07B128679F898006ABA69A2E6E75BF261AB1CA28C86AC3B7F7"
Last-Modified: Wed, 07 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2150
Expires: Sat, 10 Sep 2022 07:35:03 GMT
Date: Sat, 10 Sep 2022 06:59:13 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-NQC99C3

142.250.74.72

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NQC99C3
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
44 kB (44160 bytes)
Hash
bfe23233c965e4df9a73ad93600b5437
8789feddfe715bbfc15cbfe05aa805c7f76fbe63
57a8d65acc9749ed6c92505f8d51be19d4276616ca4812127289333e36fd1bbb

HTTP Headers

GET /gtm.js?id=GTM-NQC99C3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 06:59:13 GMT
expires: Sat, 10 Sep 2022 06:59:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1891f5b5d3486cc8608b3b431568569c
95558560c5dd9e1e2b6818d5ecab49cf4bf2979f
9bd42dd211b9d70b9cbcb28b3daebf8412296f3d3614629909c3aa265ff7aa5d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 06:59:13 GMT
Etag: "631b5d84-1d7"
Last-Modified: Sat, 10 Sep 2022 06:43:15 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pnjw3-gXPSY4815wGYHUJDSq4qBgcrWFZApHnYnZX8Thzlfg3CUWVg==
Age: 959

cdn.anotepad.com/images/badge_applestore.png

143.204.55.59

200 OK

3.1 kB

URL HTTP/2
cdn.anotepad.com/images/badge_applestore.png
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type
PNG image data, 239 x 80, 8-bit colormap, non-interlaced\012- data
Size
3.1 kB (3050 bytes)
Hash
4e97ce0a8ea4025ed15e9c19079ca4b6
948efc3776eb186349cf0cec535a82833c56cd6f
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0

HTTP Headers

GET /images/badge_applestore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3050
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Sun, 04 Sep 2022 05:47:55 GMT
etag: "82bdb9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: frSCtPx74T1RGQTnQZMOlInt_UuV9qI5oPvBNon8nXXELNukL-JhJA==
age: 522678
X-Firefox-Spdy: h2

cdn.anotepad.com/images/badge_playstore.png

143.204.55.59

200 OK

3.7 kB

URL HTTP/2
cdn.anotepad.com/images/badge_playstore.png
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type
PNG image data, 270 x 80, 8-bit colormap, non-interlaced\012- data
Size
3.7 kB (3709 bytes)
Hash
d4ce4d823f6777f6c4997ad89d50d8fc
3c61260e346bb30109d29009fb90b0625cb1be60
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6

HTTP Headers

GET /images/badge_playstore.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3709
last-modified: Sun, 12 Jan 2020 18:32:03 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Fri, 09 Sep 2022 14:20:22 GMT
etag: "bf8eda9576c9d51:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V7avzmJFaFjjKcgSnNkYr7P4NF8rHZPKVWHiLrdgWv9Z6pr96aMpoA==
age: 59936
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4nxc9oYUUIZ415yPj34MHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5+MdmuXcycZsfs7PSjJTD7MUUIY=

cdn.anotepad.com/Images/icons/icon_language_light.png

143.204.55.59

200 OK

2.8 kB

URL HTTP/2
cdn.anotepad.com/Images/icons/icon_language_light.png
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2752 bytes)
Hash
41246beeea403683c91ce0c8f754bd8c
d89c21eb936491b8ba00b09fd9351813643961cd
84d8eb6af559cc3d679dcbbdc021f2bcd43b699edaf99c7443b0e30c1e65e205

HTTP Headers

GET /Images/icons/icon_language_light.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2752
last-modified: Thu, 16 Dec 2021 08:59:54 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
cache-control: max-age=604800
date: Sun, 04 Sep 2022 20:09:59 GMT
etag: "061b44a5bf2d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wqw05UCdlHk_2dOEKmH7QLMrODPQ8mJEyuKAJrYw9nih-WzDcWD1kg==
age: 470955
X-Firefox-Spdy: h2

cdn.anotepad.com/Images/icon_sprites.png?v1

143.204.55.59

200 OK

15 kB

URL HTTP/2
cdn.anotepad.com/Images/icon_sprites.png?v1
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1824 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14982 bytes)
Hash
f32de01b6b72a3232f70853b25b9ca75
f97632426ea1e1c9b8031cd67e4c903d3cf94661
f01231a50ecc9c14b80f5f743ed5aeeec39f27867fb70b9b8e79f836f4af078f

HTTP Headers

GET /Images/icon_sprites.png?v1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 14982
last-modified: Sat, 13 Nov 2021 20:56:42 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Fri, 09 Sep 2022 18:01:25 GMT
cache-control: max-age=604800
etag: "47835cf6d0d8d71:0"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U5p6aEW_pC_5x8bJrlA5dkn1W0bPuI4TdGuK-UUHkNG_2k0Pppk6PQ==
age: 185129
X-Firefox-Spdy: h2

m.media-amazon.com/images/I/61CKAfyRmpL._UX569_.jpg

143.204.53.204

200 OK

18 kB

URL HTTP/2
m.media-amazon.com/images/I/61CKAfyRmpL._UX569_.jpg
IP
143.204.53.204:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 569x569, components 3\012- data
Size
18 kB (18291 bytes)
Hash
2fc01414931d4c563a38880c82b5f703
33fc85391a976f5d416d9841be6a5a9f7ba2b312
ca2667b845d7af3b6bd962599206b9726f960b814e6690e9ba7c5d3f70d7036d

HTTP Headers

GET /images/I/61CKAfyRmpL._UX569_.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 18291
server: Server
date: Sat, 10 Sep 2022 06:59:13 GMT
x-amz-ir-id: b35f6e69-be39-4da2-b9ed-8db8e8d5184e
expires: Fri, 05 Sep 2042 06:59:13 GMT
cache-control: max-age=630720000,public
surrogate-key: x-cache-031 /images/I/61CKAfyRmpL
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-031,/images/I/61CKAfyRmpL
access-control-allow-origin: *
last-modified: Mon, 16 Sep 2019 03:12:48 GMT
x-nginx-cache-status: MISS
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oYo8A3t51NKK_IP7Qu6bDf6rkVOhJ-PR8DzMYMcHuBG27UzhNvX2Xw==
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato:wght@700&display=swap

142.250.74.10

200 OK

816 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:wght@700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
816 B (816 bytes)
Hash
f30e620995ea7d19d8585ce4f1e7d39d
ef6242ec469480e69679ece2b029df8f3f1aef3c
0d4e51bcd42026d325b91818c538a932dcbb101beb081952e5dcd6bc44f2c2a6

HTTP Headers

GET /css2?family=Lato:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Sep 2022 06:59:13 GMT
date: Sat, 10 Sep 2022 06:59:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 308932
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1891f5b5d3486cc8608b3b431568569c
95558560c5dd9e1e2b6818d5ecab49cf4bf2979f
9bd42dd211b9d70b9cbcb28b3daebf8412296f3d3614629909c3aa265ff7aa5d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 06:59:13 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eYYuBF524FmOKLJFrjClUv2TFGfi8N4yS7bEKzuABf5tvZFaz3XQSw==

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9b07d3f293c8eb49e0af9881d13a96
027ad53686950d9d25d2b587d8d72b21faa19fcd
1b10b671558f5624d79ace9f14108a3837d932e68336f922f824f9dcaf79f9b8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B10B671558F5624D79ACE9F14108A3837D932E68336F922F824F9DCAF79F9B8"
Last-Modified: Fri, 09 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17678
Expires: Sat, 10 Sep 2022 11:53:51 GMT
Date: Sat, 10 Sep 2022 06:59:13 GMT
Connection: keep-alive

anotepad.com/note/loadcomment

207.244.104.157

200 OK

360 B

URL HTTP/1.1
anotepad.com/note/loadcomment
IP
207.244.104.157:0
ASN
#30633 LEASEWEB-USA-WDC

File type
ASCII text, with CRLF line terminators
Size
360 B (360 bytes)
Hash
69e62c5f90ce8a3578aae9ea26cb5221
d53f0f16cc1878e6065ef412c63df58e39d47b3a
f185010745652a05abd30200b26d0203cd9b2604646f7f585f9977fcdd214402

HTTP Headers

POST /note/loadcomment HTTP/1.1
Host: anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 19
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/notes/668a5mii
Cookie: _ga_6PG3MM86KX=GS1.1.1662793144.1.0.1662793144.0.0.0; _ga=GA1.1.19812372.1662793144
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Sep 2022 06:59:13 GMT
Content-Length: 360

pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js

192.243.59.20

200 OK

17 kB

URL HTTP/1.1
pl16023739.revenuenetworkcpm.com/a1/38/54/a1385457843ed7b58df9deca74af31e9.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (53717), with no line terminators
Size
17 kB (17160 bytes)
Hash
42d1cdf1795262e809125ee0d6be1379
a881adf31b01184e6ddff8596fb2626e5fc3cde4
4a19a01500f2b9b1c25087b4b3d5d0c99fc0050600ba95c6a2f50a8e7ebb0673

HTTP Headers

GET /a1/38/54/a1385457843ed7b58df9deca74af31e9.js HTTP/1.1
Host: pl16023739.revenuenetworkcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 10 Sep 2022 06:59:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd853c8fb2b585b6464c3d5639b1caae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.shopify.com/s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png?v=1594983060

104.16.255.71

200 OK

39 kB

URL HTTP/2
cdn.shopify.com/s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png?v=1594983060
IP
104.16.255.71:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
39 kB (39320 bytes)
Hash
6a1d79ebf572320014c73b5042dd50b7
0913ab1f80da82818dc30223e41b943e45e1880a
ca614450e1dad8984a00977fe73dee6582c0a25442f8e8e5f612eb1fb6ac4d68

HTTP Headers

GET /s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png?v=1594983060 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:14 GMT
content-type: image/webp
content-length: 39320
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/1616/5497/products/FullCarbonSunglasses-PolarisedMidnightBlack.png>; rel="canonical"
server-timing: imagery;dur=455.223, imageryFetch;dur=94.478, imageryProcess;dur=359.256;desc="image"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 17b5cf43-18f3-40a1-b48a-a0acdf9a7b2d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Sat, 10 Sep 2022 06:59:13 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eRk3b%2FAXzbdR5REoWPpM4h5FFxP%2BJZcT7JN18YqZsOFStF4GUOQjq5JWncS7yCAFYCpHjKrC7RW1sifI4xiQveV6NRE%2FjPcmqq1RZfMP%2FJo7ykLNr8JKtWAp%2B%2B0WWw5Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74864798ae16b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.anotepad.com/favicon-16x16.png

143.204.55.59

200 OK

827 B

URL HTTP/2
cdn.anotepad.com/favicon-16x16.png
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
827 B (827 bytes)
Hash
0469e563461e628f5c7ac9fba30e3134
ce38ece54cf70a32de17b05f2d29f17d95ff5891
25f14abbbf54617b6dc3438702bc5453a81bc841acf24600c40d06b5cdcc3629

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: _ga_6PG3MM86KX=GS1.1.1662793144.1.0.1662793144.0.0.0; _ga=GA1.1.19812372.1662793144
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 827
last-modified: Sat, 13 Feb 2021 22:46:18 GMT
accept-ranges: bytes
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Sat, 10 Sep 2022 06:14:26 GMT
etag: "693427b5a2d71:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vY3V0rcEi1gME9To6cEWDPdxt9RXM0IvgVU_uK9uO-qehlNpGFx5xA==
age: 9877
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eef7b878313532413d2e904a3a038772
9a2ad77b9950bf7307b930361fc838eff9d0eaf4
e75355f9c1847499acbee18281bd946af98db1827fa1cbdabc6b0860554a3bc0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75355F9C1847499ACBEE18281BD946AF98DB1827FA1CBDABC6B0860554A3BC0"
Last-Modified: Sat, 10 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10598
Expires: Sat, 10 Sep 2022 09:55:52 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive

s7.addthis.com/js/300/addthis_widget.js

23.38.200.123

200 OK

116 kB

URL HTTP/2
s7.addthis.com/js/300/addthis_widget.js
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (54602)
Size
116 kB (116325 bytes)
Hash
ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738

HTTP Headers

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Sat, 10 Sep 2022 06:59:14 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 06:41:12 GMT
expires: Sat, 10 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 1082
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5210
Expires: Sat, 10 Sep 2022 08:26:04 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive

region1.google-analytics.com/g/collect?v=2&tid=G-6PG3MM86KX&gtm=2oe970&_p=993566161&cid=19812372.1662793144&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662793144&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-6PG3MM86KX&gtm=2oe970&_p=993566161&cid=19812372.1662793144&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662793144&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-6PG3MM86KX&gtm=2oe970&_p=993566161&cid=19812372.1662793144&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662793144&sct=1&seg=0&dl=https%3A%2F%2Fanotepad.com%2Fnotes%2F668a5mii&dt=Advantages%20of%20wearing%20the%20titanium%20sunglasses%20-%20Online%20Notepad&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://anotepad.com
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

104.21.234.254

200 OK

23 kB

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.234.254:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
23 kB (23430 bytes)
Hash
dfb09b6ee6de11ff7293c21eb2db0a28
3b0da5d295599ff9eae3a001ad8663bb4c07155c
cd8b771b6d5a933d6d21cf95b8c44731bce5d63d8fb617b083ca3cd7221516c7

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:14 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b84cd5bac4d926e11b40720dbaf4fc13
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 10 Sep 2022 06:59:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yg373%2FwyrjtZmkPbYJ%2FmHJIWDpbIOoo%2FX0PdXbxSEKyFRJ4bBJoI5mlWykNJVk5xOlIWrweBN5P1t22qycX2iUY1GNH9R7hLyDrjZMc9Q%2FX2sB6hrK6Vjn1lcZ1Y45FxR50g7Os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7486479d3a0175c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

z.moatads.com/addthismoatframe568911941483/moatframe.js

23.38.201.146

200 OK

948 B

URL HTTP/2
z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
23.38.201.146:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (523)
Size
948 B (948 bytes)
Hash
f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac

HTTP Headers

GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=64742
date: Sat, 10 Sep 2022 06:59:14 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5062a86b01f1f8de3654dfde17be1b32
263ae6891668d021b3812d08f074899962d280a8
f19e99b8535ff842faee82c41ecc91dcb3204e73d05f9199162f3f2fb7effae4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F19E99B8535FF842FAEE82C41ECC91DCB3204E73D05F9199162F3F2FB7EFFAE4"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4642
Expires: Sat, 10 Sep 2022 08:16:36 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&gjid=1390912330&_gid=578899408.1662793145&_u=YADAAEAAAAAAAC~&z=1572127230

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&gjid=1390912330&_gid=578899408.1662793145&_u=YADAAEAAAAAAAC~&z=1572127230
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&gjid=1390912330&_gid=578899408.1662793145&_u=YADAAEAAAAAAAC~&z=1572127230 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://anotepad.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18042
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 06:59:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9610 bytes)
Hash
1abac18a85802f38f08561ac64020b55
afbc7666fa0b2093ef0c5d9a955d54d139c09b30
eae7f28dd178293939ecd81082ab68ae6098bb3cb1f1fe9411c38314ddb0f944

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a798806-4378-4646-89ee-e50837809910.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9610
x-amzn-requestid: 34102145-abda-4987-a68d-9069496366ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj0oF7loAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb350-52aee64214c814812c03262e;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 91AsC8-zVFCOPHFb2qnlTev2aXzdCEDYtc68JtYYsQSKS7OFF4QzgQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:50 GMT
age: 32364
etag: "afbc7666fa0b2093ef0c5d9a955d54d139c09b30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8676 bytes)
Hash
e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 31531
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14312 bytes)
Hash
412441a2a064555c5d7f1400c2741360
7532d9543b93248891324e07e8edff10a36d174d
421b3e9db572f1077abd4ef2748696b38a4117e33db6ae0b5fa46841afa2693f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14312
x-amzn-requestid: 4d301754-9ed3-401f-9ad5-1862533d7559
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj5wGowIAMF4WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb371-7729383d0bc0f729231ad5b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:43:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QWNGLaXe2lZ7niw6TU6KUOuMnWi-Ml3hkw6WLB8vD_jWsg5YMuFWbw==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:54:57 GMT
age: 32657
etag: "7532d9543b93248891324e07e8edff10a36d174d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9981 bytes)
Hash
572d8ed935df86fde22138e8bfddfd9f
3b25ffe66a762ea032c05b149a29fe0d6faa3687
866c2b16919ab311f906c4e8a074fd93b46f74408c9e2c9a4c30310afa08f047

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2402aa1c-c5d5-475b-abd9-db6b8ca99270.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9981
x-amzn-requestid: 1a34423c-b2d9-4ae3-a437-eb5717334372
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkiSGjloAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb474-00c79a927f7f7d5d70791b68;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:47:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jwkD86lz1SUQE__IGBv9RINc-LON017wkTpW7g0ePcMtssqd_POtpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:41 GMT
age: 31533
etag: "3b25ffe66a762ea032c05b149a29fe0d6faa3687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8675 bytes)
Hash
e2ed199f1cb98d32690c0b5c1fa90643
96f3088f1361a8c7a62e36f99b4c58c49a750f95
b2e52fa2d41478c8a23892bed1051bcde3c4a937350b149e65a35ef37cf7c4bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6b740bb-cd50-42b6-b38f-dd47e55c168b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8675
x-amzn-requestid: a28b0b64-d536-4bc2-b659-f8255e9f73b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXe8HEUIAMFiag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309392c-032fdc54025b8fbe21987a57;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:20:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wPBavm-n6W61qqQYyw1bFmh6eqPnVeCDfE3MS-yUB0phzf9wujSghA==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 06:32:41 GMT
age: 1593
etag: "96f3088f1361a8c7a62e36f99b4c58c49a750f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4477 bytes)
Hash
71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a0AyKhmYA7WPwciU2nTXwyChZV_riw1QsqI_giBIcdZhi3Nz4jM0Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:11 GMT
age: 32403
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18d9c80e93810b52880aab445613e4b7
ca08ea7190fac815eae23eb6022d7f524694a518
6ed2db33b116fbb84b14f8509886515c5b9d8277437c8ac00b5735712f7f662f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e66743a6c60c1181d7f47c7f748ddfa3
97e333fac41fce213aeda4a42c79b0c5077e26c0
498cbdcbc5fed75df7e4974b21f3be66580dd169b8c82e76c69a823567e27ab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8870545-1&cid=19812372.1662793144&jid=1260669138&_u=YADAAEAAAAAAAC~&z=686667853 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 06:59:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18d9c80e93810b52880aab445613e4b7
ca08ea7190fac815eae23eb6022d7f524694a518
6ed2db33b116fbb84b14f8509886515c5b9d8277437c8ac00b5735712f7f662f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 06:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

forgerylimit.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js

192.243.59.13

200 OK

13 kB

URL HTTP/1.1
forgerylimit.com/b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37104), with no line terminators
Size
13 kB (13399 bytes)
Hash
9da7ae75b4a7deb3ac6d374409fa8db4
6f0103b0bed59044ace8e88c86b7d6a7297f4999
ee2936b776e5dbe634a2cfd12a9722a6a9359c77f495ad90e2a49a391411227f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /b3/7d/2f/b37d2f9324506eb3d8dc9b0489d7878c.js HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 06:59:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba5d1ca3ed745c8ee653b5f8b3ebcb18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
180750f63aa7b3ca11be257a1837e7a4
2bdea9b6f133b088143fd6fdcd5eccb4c29a1e53
1c44497894377a85da8493a8da6b8ec59f02ebf9408c0b2a6d6e72b5d7637519

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 06:59:14 GMT
Last-Modified: Sat, 10 Sep 2022 05:25:34 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IISvt-Rc4jVn1kJnX0O52z18kLCdaDuCs2MgPrBt0DX1sct9ubnFxA==
Age: 5620

simplewebanalysis.com/stats

52.28.172.243

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.172.243:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
90dce2121854e40f5570b292913cc440
2d88cf536d6aee9baf65d90a5b256ff93c2f3468
f01643ee9e020a6172c1d06999e65aa32cbc18a7d5aa0ac14f66bd454b95d70f

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anotepad.com
access-control-allow-credentials: true
set-cookie: uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; expires=Tue, 07 Sep 2032 06:59:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

23.38.200.123

200 OK

26 kB

URL HTTP/2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size
26 kB (26421 bytes)
Hash
707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051

HTTP Headers

GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 10 Sep 2022 06:59:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp

23.38.200.123

200 OK

154 B

URL HTTP/2
v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
IP
23.38.200.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0

HTTP Headers

GET /live/boost/ra-56846750fb16a611/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=7, s-maxage=86400
date: Sat, 10 Sep 2022 06:59:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

104.21.234.233

200 OK

23 kB

URL HTTP/2
creepingbrings.com/sfp.js
IP
104.21.234.233:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
23 kB (23174 bytes)
Hash
2a3529cdc585755435e09d38169474c4
1384129d14eb246e940513624a876fffa8cbb836
2f9f7498fdb6253a2a5b357e5d27152af54ad0f68b576ef70f3bbbc6f8ec8a18

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:15 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6a1458a7394d78475defa171ecdbd932
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 10 Sep 2022 06:59:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfwSUO3yrxiWYmFeDjQxGkS2A4%2B57CTuOeHggHEWJ9LumNZoGbKEJOz0L15NviR0ZxOmaZW6QNefubqgbHmd%2BlRc9JSdBCg7HLJRFWoarePoYLdvtqceW8uKOblp%2BsF6FpH9CV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647a22ae88885-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15304
Expires: Sat, 10 Sep 2022 11:14:19 GMT
Date: Sat, 10 Sep 2022 06:59:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d48f198d88d137119adc51c8da2f398a
2eeab0a581a7f899201fbec3f8e309332a7b4b34
79e789ece961100679838654a3e2c2eaefaaad0481686d44b96ed83c94386b83

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79E789ECE961100679838654A3E2C2EAEFAAAD0481686D44B96ED83C94386B83"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7305
Expires: Sat, 10 Sep 2022 09:01:00 GMT
Date: Sat, 10 Sep 2022 06:59:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15304
Expires: Sat, 10 Sep 2022 11:14:19 GMT
Date: Sat, 10 Sep 2022 06:59:15 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a1385457843ed7b58df9deca74af31e9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 06:59:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 767a358c4955e018a4d697d88b294604
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=b37d2f9324506eb3d8dc9b0489d7878c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 06:59:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb2392d93249c3edc0e3bceeda87b259
Strict-Transport-Security: max-age=0; includeSubdomains

reapinject.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3%3A1%3A1

173.233.137.44

200 OK

4.4 kB

URL HTTP/1.1
reapinject.com/sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3%3A1%3A1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6184), with no line terminators
Size
4.4 kB (4433 bytes)
Hash
c63f989bf4adf35dcef6870d443d04fb
3e6789ab8fc832e7dc2183331439f13266301da6
82b052e857cfd377aa6ddf29c71509c6a055445f529236313ea332c24a4b5b33

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=b37d2f9324506eb3d8dc9b0489d7878c&uuid=8f0007d9-027e-43b5-909a-c97f8077f8e3%3A1%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anotepad.com
Access-Control-Allow-Origin: https://anotepad.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15950569; expires=Sun, 11 Sep 2022 06:59:15 GMT; secure; SameSite=None
uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; expires=Sat, 17 Sep 2022 06:59:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
uncs=1; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 11 Sep 2022 06:59:16 GMT; secure; SameSite=None
slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]; expires=Sat, 10 Sep 2022 06:59:21 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e08af1ad3379e1dc1d788a2a80d90a23
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTha%2BX%2FGkBEWIYQ45KLiz3T0%2FutscgjGuBDc%2FTBS9SXVV9aTc6q6mqnt6sqfFoATxMIJ%2FQM%2Bb3SzqIupFLwadXRBcEHY87cE9K3pbyMWLzGRx9QPF51W9V%2FA%2Br%2BqDUXlIXJT04PJVvSaVokudptt47m3Pu9BYkVk5aAzC7jvd9oWG6b8YdZvu841XBVvVS77rua7neo1laUSiB0szEjLfjrxm5DbbftPrtDEw%2F93b0oGlDnj%2FkDwJyacLu84ZSDZBln55WdjVQucvvJKWihbaoM%2B33sxWM11lSE9gYhwk2daxGtruLz%2BAzjbndqH7%2FwhjOSXOjw8QZ1vHJhH3N%2BY%2BYwWRIeaPo%2BpPINQEkk7A9F1Ivk8AxnHtOrL0%2FjVtKnrnEUtn7JQsPDyCrKZk4dczyNIvLik5aNzSqiykziwGSQ05mED2JsjLHRRrpyCrHbDiPUj%2BM1l6uIIs3bhulYbkB%2BfDxHXdgEeLrh%2BIxXYr7ixGbkQXWRQkoRsESSha84CknEAmEygxBLUOytmSDsrEQZk7SPlBg3meF7icUTeMGGvxQMRd7no0SDzqud0QJZvNMESRD8HUEMysIzfrWJVDmPJ72Ns1LHdgC4I%2Br1EJgsoSVJSgkgRVQVD1602urG%2Fr%2B1zZMvaOu3%2FcW%2FVYF70R3dRFT2RklB%2BSJ%2BbBHcW%2FY1UcNOJWwP0kavntjtsVcYuHnEWx2w4jHoRByGBlDWlPzcdck1Py1P%2B3kcspWfjfJ4jpDqzaAZOnQMtnQatx4Lugt8ft0MVatk0zXYic8ibTKbiukRcLKO44I3VInpn76HxzFYLtXfzhj%2FfPffv6n2CmRm5qvCt3CXrq3vimrsjGTV1Z8tX1vJCpXKOzx71V0EKc%2Fuw1cafShl%2B5bIefvsRmxAxuvyFssUIzLrOeJZ9fkpwLs6wNE%2BS7K%2FYtEd8o7e1LpcnKfOXGy8tX0twIa6XOJqBy334EJqfkMarnv%2Fbs0x9CmglMWSMt98hxQeodsHwdNj9xb%2FVpGHWiiXMHVVmPjR%2BfHCo5Jf7RT1Bi7%2BLX66O%2Ffts9DxrXsOJfF0%2FwyN5Dz5wDLe4iS2v0TY2%2BqkHVELY8PS5ys3fxl9a8ECtnHCvjbMTKqI8fxWvlQSNotVzajTpeEFARxG0%2FTLoep9Rvd%2F1ul7ZQ2Ck729n9GwAA%2F%2F8BAAD%2F%2FyqlM8uEBAAA

173.233.137.44

200 OK

7 B

URL HTTP/1.1
reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTha%2BX%2FGkBEWIYQ45KLiz3T0%2FutscgjGuBDc%2FTBS9SXVV9aTc6q6mqnt6sqfFoATxMIJ%2FQM%2Bb3SzqIupFLwadXRBcEHY87cE9K3pbyMWLzGRx9QPF51W9V%2FA%2Br%2BqDUXlIXJT04PJVvSaVokudptt47m3Pu9BYkVk5aAzC7jvd9oWG6b8YdZvu841XBVvVS77rua7neo1laUSiB0szEjLfjrxm5DbbftPrtDEw%2F93b0oGlDnj%2FkDwJyacLu84ZSDZBln55WdjVQucvvJKWihbaoM%2B33sxWM11lSE9gYhwk2daxGtruLz%2BAzjbndqH7%2FwhjOSXOjw8QZ1vHJhH3N%2BY%2BYwWRIeaPo%2BpPINQEkk7A9F1Ivk8AxnHtOrL0%2FjVtKnrnEUtn7JQsPDyCrKZk4dczyNIvLik5aNzSqiykziwGSQ05mED2JsjLHRRrpyCrHbDiPUj%2BM1l6uIIs3bhulYbkB%2BfDxHXdgEeLrh%2BIxXYr7ixGbkQXWRQkoRsESSha84CknEAmEygxBLUOytmSDsrEQZk7SPlBg3meF7icUTeMGGvxQMRd7no0SDzqud0QJZvNMESRD8HUEMysIzfrWJVDmPJ72Ns1LHdgC4I%2Br1EJgsoSVJSgkgRVQVD1602urG%2Fr%2B1zZMvaOu3%2FcW%2FVYF70R3dRFT2RklB%2BSJ%2BbBHcW%2FY1UcNOJWwP0kavntjtsVcYuHnEWx2w4jHoRByGBlDWlPzcdck1Py1P%2B3kcspWfjfJ4jpDqzaAZOnQMtnQatx4Lugt8ft0MVatk0zXYic8ibTKbiukRcLKO44I3VInpn76HxzFYLtXfzhj%2FfPffv6n2CmRm5qvCt3CXrq3vimrsjGTV1Z8tX1vJCpXKOzx71V0EKc%2Fuw1cafShl%2B5bIefvsRmxAxuvyFssUIzLrOeJZ9fkpwLs6wNE%2BS7K%2FYtEd8o7e1LpcnKfOXGy8tX0twIa6XOJqBy334EJqfkMarnv%2Fbs0x9CmglMWSMt98hxQeodsHwdNj9xb%2FVpGHWiiXMHVVmPjR%2BfHCo5Jf7RT1Bi7%2BLX66O%2Ffts9DxrXsOJfF0%2FwyN5Dz5wDLe4iS2v0TY2%2BqkHVELY8PS5ys3fxl9a8ECtnHCvjbMTKqI8fxWvlQSNotVzajTpeEFARxG0%2FTLoep9Rvd%2F1ul7ZQ2Ck729n9GwAA%2F%2F8BAAD%2F%2FyqlM8uEBAAA
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTha%2BX%2FGkBEWIYQ45KLiz3T0%2FutscgjGuBDc%2FTBS9SXVV9aTc6q6mqnt6sqfFoATxMIJ%2FQM%2Bb3SzqIupFLwadXRBcEHY87cE9K3pbyMWLzGRx9QPF51W9V%2FA%2Br%2BqDUXlIXJT04PJVvSaVokudptt47m3Pu9BYkVk5aAzC7jvd9oWG6b8YdZvu841XBVvVS77rua7neo1laUSiB0szEjLfjrxm5DbbftPrtDEw%2F93b0oGlDnj%2FkDwJyacLu84ZSDZBln55WdjVQucvvJKWihbaoM%2B33sxWM11lSE9gYhwk2daxGtruLz%2BAzjbndqH7%2FwhjOSXOjw8QZ1vHJhH3N%2BY%2BYwWRIeaPo%2BpPINQEkk7A9F1Ivk8AxnHtOrL0%2FjVtKnrnEUtn7JQsPDyCrKZk4dczyNIvLik5aNzSqiykziwGSQ05mED2JsjLHRRrpyCrHbDiPUj%2BM1l6uIIs3bhulYbkB%2BfDxHXdgEeLrh%2BIxXYr7ixGbkQXWRQkoRsESSha84CknEAmEygxBLUOytmSDsrEQZk7SPlBg3meF7icUTeMGGvxQMRd7no0SDzqud0QJZvNMESRD8HUEMysIzfrWJVDmPJ72Ns1LHdgC4I%2Br1EJgsoSVJSgkgRVQVD1602urG%2Fr%2B1zZMvaOu3%2FcW%2FVYF70R3dRFT2RklB%2BSJ%2BbBHcW%2FY1UcNOJWwP0kavntjtsVcYuHnEWx2w4jHoRByGBlDWlPzcdck1Py1P%2B3kcspWfjfJ4jpDqzaAZOnQMtnQatx4Lugt8ft0MVatk0zXYic8ibTKbiukRcLKO44I3VInpn76HxzFYLtXfzhj%2FfPffv6n2CmRm5qvCt3CXrq3vimrsjGTV1Z8tX1vJCpXKOzx71V0EKc%2Fuw1cafShl%2B5bIefvsRmxAxuvyFssUIzLrOeJZ9fkpwLs6wNE%2BS7K%2FYtEd8o7e1LpcnKfOXGy8tX0twIa6XOJqBy334EJqfkMarnv%2Fbs0x9CmglMWSMt98hxQeodsHwdNj9xb%2FVpGHWiiXMHVVmPjR%2BfHCo5Jf7RT1Bi7%2BLX66O%2Ffts9DxrXsOJfF0%2FwyN5Dz5wDLe4iS2v0TY2%2BqkHVELY8PS5ys3fxl9a8ECtnHCvjbMTKqI8fxWvlQSNotVzajTpeEFARxG0%2FTLoep9Rvd%2F1ul7ZQ2Ck729n9GwAA%2F%2F8BAAD%2F%2FyqlM8uEBAAA HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 094ee28a50cf0ab914d0d9cde2596677
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
142f92ab885d0446b4ac2b40619a6456
28535d1e4a2d387da2c4b2f69b8e330a3c5509f9
4cd8de918d644d5206bab46fd255d3967bb28445c9e5de29cba85675d88176de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CD8DE918D644D5206BAB46FD255D3967BB28445C9E5DE29CBA85675D88176DE"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15442
Expires: Sat, 10 Sep 2022 11:16:38 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
11a62de4541037ab66a1ee3a198916bd
767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4
1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4530
Expires: Sat, 10 Sep 2022 08:14:46 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
11a62de4541037ab66a1ee3a198916bd
767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4
1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4530
Expires: Sat, 10 Sep 2022 08:14:46 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive

cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html

45.133.44.4

200 OK

693 B

URL HTTP/2
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
693 B (693 bytes)
Hash
a8ca8f4bf8fcbefb048c757964c1e9b2
d643afd282ac2ad91df8672f9f2878047107d987
402c2a84bc70c6fa1cf867b2f6c3dea9f73f4417a2fa69dde13bfa9baec78f71

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 10 Sep 2022 07:59:16 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg

172.67.183.56

200 OK

929 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP
172.67.183.56:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
929 B (929 bytes)
Hash
eb5076cb28ee7a57535e763bdb7a0b59
173335149d37337e9f97863cb63ea63d94bf16d6
1d9a79658465773649be775c13d7e1dd691b2d0b5adff4cc0b29696f6b29e388

HTTP Headers

GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3272092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82ChLtAL6CXOQCcEnmer9dVrQ005NuzM6EJp1KyrlRwryWz9rk86hc4XBpS9%2B%2BBdQfZJ6HjRRB%2BKwdaBB%2BP3dcDSYcOUptpo5U7KhRNLDr%2Bq8jfZNQVXiYGUzLvqbZyLBN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647ad0a73b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

1.2 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1163 bytes)
Hash
0cac9a497c9442f62704561508c38ef8
3daf66905828d4d3c3a41a772d4a97f4121c2348
fefe342b5c82ae190b938ace8670b56c431410670a84d6e1d958409001d42790

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4863
Expires: Sat, 10 Sep 2022 08:20:19 GMT
Date: Sat, 10 Sep 2022 06:59:16 GMT
Connection: keep-alive

cdn.cloudimagesb.com/si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg

45.133.44.10

200 OK

17 kB

URL HTTP/2
cdn.cloudimagesb.com/si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
17 kB (16979 bytes)
Hash
c22ff55c863b2414205b04cc3747edfb
5490b3da882c95fa66913143eb4d472457c0e045
b3f3ebb3a107d88eb97d98ef637c97f2315f1186b52a38fd3a10af6868c8452b

HTTP Headers

GET /si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: image/jpeg
content-length: 16979
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:44:25 GMT
etag: "62d54799-4253"
expires: Mon, 12 Sep 2022 06:59:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css

172.67.183.56

200 OK

5.0 kB

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
IP
172.67.183.56:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.0 kB (4972 bytes)
Hash
cc5ad29d14968afd704f7d2dea376348
2d52547b7da3d8101cb826b2811b21d4fcec0ae7
1b6df77f4a8e9c6f4726e2f85fa157a5ebb4e1e7706f9d7f766566b44dfbf4cd

HTTP Headers

GET /sb/ssp/utility/social-media/whatsapp/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz2UqEcEoSymOEEHntzYAiOdzWDPNrCtLXZqg7FN1blpSWB9dIywdb9HnbLFZwB2nbhTCwODO8O7RRj12LtCkEEVSJI4h5fZ2S5LDM9DnUW7PKQj8u5JAD4CcfmFe65zl0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647acaa02b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 213909
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 213909
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=336

173.233.137.44

502 Bad Gateway

157 B

URL HTTP/1.1
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=336
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
157 B (157 bytes)
Hash
d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=336 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:17 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive

cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css

172.67.183.56

200 OK

1.6 kB

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP
172.67.183.56:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.6 kB (1646 bytes)
Hash
505fcd91c4cf95f4e33531c1aedc2f0e
c2da69c3eb969ab2701b6041ddc52c9eafe6352d
247a553e60a5c59df153d288645d90854aa98aa8ae5065a2fdc2ce82ae2cc787

HTTP Headers

GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRup8ZIBBgChvBkKVc1nGQPuHg0SxsmrzstyIVb0iqD2IsABDXvHx58LqI2LEqea6ZM8t7EeWis2YpyK%2Fa%2FFwfEBcltRuDosX89ic8vOr4Bcom1pZnmuoyFHgOgDpSEcFzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647acaa06b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

reapinject.com/pixel/sbs?c=1

173.233.137.44

502 Bad Gateway

157 B

URL HTTP/1.1
reapinject.com/pixel/sbs?c=1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
157 B (157 bytes)
Hash
d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Cookie: u_pl=15950569; uid_id2=8f0007d9-027e-43b5-909a-c97f8077f8e3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb37d2f9324506eb3d8dc9b0489d7878c=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sat, 10 Sep 2022 06:59:17 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive

cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js

172.67.183.56

200 OK

217 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP
172.67.183.56:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
217 B (217 bytes)
Hash
deb27aa1dead3cceaea4742cfe879320
75536a9c2ff3289d861284903349f1607c1b6a8e
caa6c6869f34a13df5944d3702ad34300f50b34c5a6b6dac24124d55f27ba296

HTTP Headers

GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:16 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RignqbtrG6tVaoIxC0WxXYtzWCpYsW5G9NZ5LtOmbHK93%2Bs7pQNy45IoWlAq3AUucx%2FQZCLPljHtIe%2B9fzenho2c0svvnhEbmDz%2FaoZq9jGWDsVI%2FO9BtvFFt3WoghIC7j4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647acaa07b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8706 bytes)
Hash
478caf1cbdbafefa1b73c4e1a21e027c
90dd5e86857e7f6313bbb053baa8c1d4784d3089
0c845efdea74e5b1245ca00ea33a0b8220551d156ca34620e3d90ccb4de345dc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8706
x-amzn-requestid: 37d04670-7b5a-4cbb-ad4c-46615c604bc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzcG2moAMF30g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb349-5351f9c15ad587ae3c807d48;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lcckuCebVvSAYgrOAQaGKSp9Bg7RMpdpgIr_3rlRjKgn6iuIQYDHVg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 31538
etag: "90dd5e86857e7f6313bbb053baa8c1d4784d3089"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

a.pub.network/core/pubfig/cls.css

104.26.1.139

200 OK

0 B

URL HTTP/2
a.pub.network/core/pubfig/cls.css
IP
104.26.1.139:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /core/pubfig/cls.css HTTP/1.1
Host: a.pub.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anotepad.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 06:59:13 GMT
content-type: text/css
x-guploader-uploadid: ADPycdu5cQs0MqmxMk9WexLsN-qY1u2ASg5ej6n9c-25CXtpgxe1_GpfcZ-bVW0DU5U28shU_k-bVxdYdSrdRqclXdJ6HD3wH7BT
x-goog-generation: 1620765108454625
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1752
x-goog-hash: crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sat, 10 Sep 2022 06:52:27 GMT
cache-control: public, max-age=3600
age: 1698
last-modified: Tue, 11 May 2021 20:31:48 GMT
etag: W/"2ad42c99ece77b46e5a42a85207a3750"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ah1BAu%2Fh5t4mJq0wRns6yeEo92SQQBrzcOBzKslVAWFTGH0DTgi6epEIOR%2F%2FcgyG8VYxmgo%2FZAojLCK6YNrSlx6wzjfqxwEGFWEknhYnShqrVh7D%2FrStKIydGXBHFvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748647987dc0b512-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1

143.204.55.59

200 OK

0 B

URL HTTP/2
cdn.anotepad.com/bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/site-css?v=Kj7M4AcVxzqOYDFhgQEAv7XjqjytoufAx9Fh_BQYbso1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
cache-control: public
expires: Thu, 31 Aug 2023 00:13:33 GMT
last-modified: Wed, 31 Aug 2022 00:13:33 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 31 Aug 2022 00:13:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cEAFgTACWwzpNL-zAC2VgbTNJBUOrFyho1BFPJBlvN1Didkqe1worg==
age: 888343
X-Firefox-Spdy: h2

cdn.anotepad.com/images/anotepad.svg

143.204.55.59

200 OK

0 B

URL HTTP/2
cdn.anotepad.com/images/anotepad.svg
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/anotepad.svg HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
cache-control: max-age=604800
last-modified: Sat, 13 Feb 2021 21:52:25 GMT
etag: W/"8fdbe283522d71:0"
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 07 Sep 2022 01:42:27 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G5jf2Ip_9lCimdVelMYW5RjZKFKZ-t-NZDY_E_JQaKPpbTFp18__vA==
age: 278209
X-Firefox-Spdy: h2

cdn.anotepad.com/bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1

143.204.55.59

200 OK

0 B

URL HTTP/2
cdn.anotepad.com/bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1
IP
143.204.55.59:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/site-js?v=2gpBaaiz-7wQWwSFJEQ-e93pzFq7ieSwgnyTcQSMZ_w1 HTTP/1.1
Host: cdn.anotepad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anotepad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Thu, 31 Aug 2023 00:13:46 GMT
last-modified: Wed, 31 Aug 2022 00:13:46 GMT
server: Microsoft-IIS/8.5
x-frame-options: SAMEORIGIN
date: Wed, 31 Aug 2022 00:13:46 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zh6AERhy6JdoXjSc-o4q6Ti7fHa0aPVjLYq7BIh5jum80-jBTNaQXQ==
age: 888330
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL