officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com
69.175.50.100 162 B URL officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com
IP 69.175.50.100:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 30 Apr 2023 19:57:09 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com
officialgifts.xyz/favicon.ico
69.175.50.100 1.2 kB URL officialgifts.xyz/favicon.ico
IP 69.175.50.100:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /favicon.ico HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/?utm_term=7227934448807837740&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Mon, 01 May 2023 19:57:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2
officialgifts.xyz/sw.js?v=1682884631808
69.175.50.100 776 B URL officialgifts.xyz/sw.js?v=1682884631808
IP 69.175.50.100:0
Hash 200b680044776234a193b6ea3fcab9e6
19ba53c8c2b75eefe7bc9bed6c7aab3828a80e0b
c53c2f36055f0dd3c15231552ff5071ab389b3598d0b7721c0616e5c81913b70
GET /sw.js?v=1682884631808 HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: application/javascript
content-length: 776
last-modified: Mon, 10 Apr 2023 09:19:34 GMT
vary: Accept-Encoding
etag: "6433d4a6-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2
officialgifts.xyz/favicon.ico
69.175.50.100 1.2 kB URL officialgifts.xyz/favicon.ico
IP 69.175.50.100:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /favicon.ico HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Mon, 01 May 2023 19:57:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70
51.68.81.31 5.2 kB URL www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70
IP 51.68.81.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3760)
Hash 3ad1f2896ced5e4516da2b23cd43448b
b86d7239c391ac94e4fcf89e31a40cec3f41fab4
daa0d5bf6df6fb8b8389edf204d372b615e9d7cf100f3c746cdfe0729f42fdf0
GET /?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70 HTTP/1.1
Host: www.turbotrck.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Apr 2023 19:57:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Accept-CH: Sec-CH-UA-Platform-Version
officialgifts.xyz/proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04
69.175.50.100 1.5 kB URL officialgifts.xyz/proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04
IP 69.175.50.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3588), with no line terminators
Hash 91548f2013fa54e3dd1a4a14da8bf1e9
beb1177f1734d44cd7b01158e6a3135fd3d9e9af
c2c8e7b98dfe4a4a25a7436e23a136f68ce2b3e671cb89de91edafcbcd946abe
GET /proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04 HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/?utm_term=7227934448807837740&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: text/html; charset=UTF-8
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371
vary: Accept-Encoding
x-powered-by: PHP/8.2.0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
X-Firefox-Spdy: h2
www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70&eyeg=3&eyer=0.4023137579995162&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=officialgifts.xyz
51.68.81.31 0 B URL www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70&eyeg=3&eyer=0.4023137579995162&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=officialgifts.xyz
IP 51.68.81.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70&eyeg=3&eyer=0.4023137579995162&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=officialgifts.xyz HTTP/1.1
Host: www.turbotrck.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 30 Apr 2023 19:57:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371
admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371
34.91.27.112 0 B URL admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371
IP 34.91.27.112:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371 HTTP/1.1
Host: admoustache.media-412.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sun, 30 Apr 2023 19:57:12 GMT
content-length: 0
location: https://yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
set-cookie: afclick=644ec818dbc1df0001677aed; expires=Mon, 29 Apr 2024 19:57:12 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.turbotrck.art/favicon.ico
51.68.81.31 0 B URL www.turbotrck.art/favicon.ico
IP 51.68.81.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.turbotrck.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Sun, 30 Apr 2023 19:57:12 GMT
Connection: keep-alive
yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503
104.21.70.45 748 B URL yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503
IP 104.21.70.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385)
Hash ecc2ff1f796e03e622f8afe8986c29ff
87228d1a58964a63e7b2819f036e6fd1fc6b10c2
5ed47c83e3f13fc5ee5e42ea6305406c42d1f6458ccea18fb82980d46d828656
GET /rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503 HTTP/1.1
Host: yeah.achelous.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:12 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=W0O9MuCQv+S3Je1fZ/ptPXLFiJcY1Jvzs0tq7CIyv8MDV/U/+5cqSGbMi/zbxvxsGiWhmG2BlBbGKJRu0Km3axS0wrP0geoIkfOMdtQIpg1CTiAWzPFaMWC9I2H1; Expires=Sun, 07 May 2023 19:57:12 GMT; Path=/
AWSALBCORS=W0O9MuCQv+S3Je1fZ/ptPXLFiJcY1Jvzs0tq7CIyv8MDV/U/+5cqSGbMi/zbxvxsGiWhmG2BlBbGKJRu0Km3axS0wrP0geoIkfOMdtQIpg1CTiAWzPFaMWC9I2H1; Expires=Sun, 07 May 2023 19:57:12 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rURlqY8ZQ%2FXvJjZNH2t76qthImhl4JouBPBk31db3TWLZ64TJUxEyojuphYsXYDqGw7Jfl64wogn5NGa8w33Fn%2FW5Es9bwpsiAPh1EcJm1CFpgqx%2BZSoc1PoFMhuJtqPMaTbB7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a36ca591c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
104.16.57.101 6.8 kB URL static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
IP 104.16.57.101:0
File type ASCII text, with very long lines (19927), with no line terminators
Hash 982e2a41ce42ac036b89fd411ad5a674
6e4487f7cd52ef35f1a47b8d2ae58fde2ece8839
ab18d62d7417d67b23b3f1825fe951eb7c19cf8e6067a06d08ff15a0760b5405
GET /beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yeah.achelous.mobi
Connection: keep-alive
Referer: https://yeah.achelous.mobi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:12 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.2
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c025a397dd4b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
c.adups.app/36399?click=pub12c5b2c506de455080d37e8119614669&pubid=f31e77b4
174.138.122.163 410 B URL c.adups.app/36399?click=pub12c5b2c506de455080d37e8119614669&pubid=f31e77b4
IP 174.138.122.163:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (410), with no line terminators
Hash fb651ab3286dea075c99967e02ce0b7b
f4215e00be775633e6228aa1c995977115baee71
1b0b4583d63c826195e15a7144bf4df9411cade63282658b82fdd294d8156141
GET /36399?click=pub12c5b2c506de455080d37e8119614669&pubid=f31e77b4 HTTP/1.1
Host: c.adups.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yeah.achelous.mobi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
x-powered-by: Express
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
location: https://4680104.catchtheclick.com/?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399
vary: Accept, Accept-Encoding
content-type: text/html; charset=utf-8
content-length: 410
date: Sun, 30 Apr 2023 19:57:13 GMT
4680104.catchtheclick.com/?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399
116.202.159.170 897 B URL 4680104.catchtheclick.com/?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399
IP 116.202.159.170:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (813), with CRLF line terminators
Hash 49abc93935bc8ddf9b812f670a74d0cb
883e1c1783dd5ffd4f90e216397429659772fdae
de6944797f31cfbff36dfb1ea2dfbeaef1828cbcddf8bf198a8fa124ae77f833
GET /?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399 HTTP/1.1
Host: 4680104.catchtheclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yeah.achelous.mobi/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.16.1 (Ubuntu)
Date: Sun, 30 Apr 2023 19:57:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
yeah.achelous.mobi/cdn-cgi/rum?
104.21.70.45 0 B URL yeah.achelous.mobi/cdn-cgi/rum?
IP 104.21.70.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: yeah.achelous.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 504
Origin: https://yeah.achelous.mobi
Alt-Used: yeah.achelous.mobi
Connection: keep-alive
Referer: https://yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503
Cookie: AWSALB=W0O9MuCQv+S3Je1fZ/ptPXLFiJcY1Jvzs0tq7CIyv8MDV/U/+5cqSGbMi/zbxvxsGiWhmG2BlBbGKJRu0Km3axS0wrP0geoIkfOMdtQIpg1CTiAWzPFaMWC9I2H1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Sun, 30 Apr 2023 19:57:13 GMT
access-control-allow-origin: https://yeah.achelous.mobi
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c025a405a69b509-OSL
x-frame-options: DENY
x-content-type-options: nosniff
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553745
expires: Fri, 19 Apr 2024 19:57:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCZp9BNE6zEqjXwvMC4LLXb39GfiZP%2FrOH1uDmMv74MHsu8rHxlkR%2BlVLrGvfFMICENy10%2FD%2Bymvr9zQEZe0VcftRh4%2BTKcuBjVU%2FKN8hG7iOVqlC0emaxLsaxyT7gYbI0q63Bqq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a42cbb40afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108697
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
specializedlink.com/c.php
46.4.25.9 0 B URL specializedlink.com/c.php
IP 46.4.25.9:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.php HTTP/1.1
Host: specializedlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://message.okaynotification.com/
Origin: https://message.okaynotification.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 30 Apr 2023 19:57:14 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://message.okaynotification.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: GPh1GXq1IAGxtR4M/5uxxzRxvR8YT9jsjrr9VqvuGkFmMgjEKYHF6vx4zIJ8zC5kwfWCoPnUq3E=
x-amz-request-id: 0A0R25XJ8C7AAYDC
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: faq7oTqFoN2FzEhxndubLiZk81Wuoo4l8tqWiJbRbHVap6yak9708LvC0QQCUtq8elIH4+CFjLw=
x-amz-request-id: 0A0PMAWREH7FJACW
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553745
expires: Fri, 19 Apr 2024 19:57:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoV2s%2BGvKc%2FMs4Ls1EMSBPScXP8wvPro8mTj6kGnyY5MXbjo4n05J38APnxtUMOxmunnwA3NFmBO6TLDltfJA3dhcSLeDM57ymbRPXtvr9Cl4E1hvVo79AaufJJgHbxOb8Kj00uR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a470ae3b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108697
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 5ZzrGoE49gXWo5dYBa7XwRNf/62wr2J2vQdTd0RmuiX28YzJZ3X1aDFmMagiXtd+w06QOp5Ku3E=
x-amz-request-id: 0A0X7WCCA63DBTKD
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: roWqYWDAuAxzO3sk/Dr7HDVWILH+Zkskn5MkZ+9nZ8eCGrxxAPhnIN+2HumIHgKm9OwGEhoD5+4=
x-amz-request-id: 0A0TDQ6CGBJS9NYS
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdn.addlnk.com/redirect.css
172.67.158.251 6.0 kB URL cdn.addlnk.com/redirect.css
IP 172.67.158.251:0
File type ASCII text, with very long lines (1242), with no line terminators
Hash e7f6196e538c17e20d67421bbbc3f16b
1e65700805607f61c8fe60869da36305f565573e
0e4892d75cb23961a4e7f062b7800e4e0a685f73eff012b55d735ed9c2c5b2b8
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yeah.achelous.mobi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:12 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: hoKGF2DENF0Fxpfk9aX2Txj0orTMbszygnDmGFSC4SoL/4C3WQsM9k4Y5ZmrshXNgXN64qzAUMY=
x-amz-request-id: 9NDC432NBG524RW1
cf-cache-status: HIT
age: 2996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yze3Bbq2%2Fjigtcaq%2B1Fc%2B%2FYhTdrSBOL2Qa9E2NTg2DXM%2FkM15fnjokkkXpGDdeliSAS0Q471xtMZxUkYHzdE1GDdKPj0nRyDqBJe17XULjwSSFWyt6dbTJzOLfbd1LDuYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c025a397803b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://notice.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108698
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notice.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: XJ5QIDxRlymSuDpCz7DpyM0AAvVvaz/VZ34vhk81EhAlKZOYI0v8TNhFIwkY/dZJI9SfuhEOjTk=
x-amz-request-id: 0J6HMDD54DG71HAK
Date: Sun, 30 Apr 2023 19:57:16 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
message.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 59 kB URL message.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 4dd768e4bcb420c52e6df1122e041b14
033a248325d1c6bcc2a7427e349716aa7855c32f
36f52bc449a96c0b44a07ad23bbf42d0b146294ab19ce7325f431fae6bff7800
Analyzer Verdict Alert fortinet Phishing
GET /js2/t/video2/inc.js HTTP/1.1
Host: message.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: message.okaynotification.com
Connection: keep-alive
Referer: https://message.okaynotification.com/js2/t/video2/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Thu, 21 Mar 2024 18:07:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3376210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wYweVdApO9AW%2BhX8nTXCA6hzf3XaCui6MXLzaEALLTG90yCJEw44MmBv34iDV2ALSJ70SKnaGQcYZi3lIcd4cuodqDnk1TXcx0kkSOlBpYmHfm0ix5UUzLs%2BAk2WT2t2ercmOz7o%2BuWFNBAJQHQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a42abcb0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
notice.okaynotification.com/js2/t/video2/style.css
188.114.97.1 6.4 kB URL notice.okaynotification.com/js2/t/video2/style.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 863f82425fed23693ddd699c5d52b1c4
bf3a511ad303afda4f52b610643312a69ac3b7a7
e2ffef5a85b8a2ed5bf00addc3bca15bcb38ae351c7820d8c411f742f7b30a78
GET /js2/t/video2/style.css HTTP/1.1
Host: notice.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: notice.okaynotification.com
Connection: keep-alive
Referer: https://notice.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=2; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 10:25:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HuBRnCt8dZfxj%2BHGVUy41jBrqpgt32L5Np4bTAPkEa%2BwqEpYQrro5L5U4IfYydyzcKd2kspcVKDot50ZnTuJykLBcD5tOIcGDksNpV4RkmvOcJX3S5J3zVmmp8mAqWCKQK%2BBe6DbDy69RpDTJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a498ac40b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://click.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108698
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
notice.okaynotification.com/js2/t/video2/index.html
188.114.97.1 29 kB URL notice.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash f6da507a38cbe2d9fa102d3f6a26db5f
9f6639cf958cf5e501cda7ea325c7703ee908dc8
0382880d1a9d8dbecd536d721ffbd7738c16e2f476b10c65d479979207190d2a
GET /js2/t/video2/index.html HTTP/1.1
Host: notice.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Cookie: jjj=2; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:15 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YaupYYUhbeEJVMU3ckvxTGqHqVJZFGz3HynQ4pFLdaqvqQqTW7be75GPLj0Ixa4boezD%2F9JzB2x2xXcXeN23suso1xyVskIspRJulwZrRJM%2BYXy%2FS4bmquReELARJa84j0KuQcOsYu%2FUSRyX3A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4879720b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
sms.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 62 kB URL sms.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 7c28dce86184b25ec0874ff61684286b
904deee87170755eb416f855e6cde05a3c0a54b3
f9a2072e3b9dc164919a19382ebd95e110bf91f81947357dfd877878fd2dd7c0
GET /js2/t/video2/inc.js HTTP/1.1
Host: sms.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: sms.okaynotification.com
Connection: keep-alive
Referer: https://sms.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=1; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Mon, 22 Apr 2024 08:22:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 646455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiI1JqIGbmCg9vceUQQUJ28UYzQCthxnfKbwZWMu1ml3JWkMirDtltKsxzQrBTU%2BR8Hbh1da5sEochOoMXn85h%2FkLUVt0uno1kDlv61IzMD77azoFB7UJxVcw8aj2ipuRp29GpgkSPufjmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a471fd60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://update.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553747
expires: Fri, 19 Apr 2024 19:57:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOslNoGw8jeGdM4YyNR9d3ULwdnwo1wemAx8sMUnT1j7wy1o1NaqjA6g2QuW8pqMas7cHAqXX9NEgAKvb0RJFyPFPleagdpNgwGohLkYvTWZrqKrfnvkGwPUTQRn9DfWt73FHq5z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a4f8fe3b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://update.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108699
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
update.okaynotification.com/js2/t/video2/style.css
188.114.97.1 26 kB URL update.okaynotification.com/js2/t/video2/style.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 61fadcc0fac3d7335dd2800ceef516f0
7bc11bfe730f610c74351741706b5415a4a59fd2
65b1b23954405e06a63d48694adee3a33acb76c83bbd360c95aa8ec97feb6a98
GET /js2/t/video2/style.css HTTP/1.1
Host: update.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: update.okaynotification.com
Connection: keep-alive
Referer: https://update.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=4; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Fri, 26 Apr 2024 12:41:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 285350
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3jGnfHbXNQuxzgYRSQHQDT436Js8SsKQIIPXOhptf0xGfKDeBZGC1CkP2mqq%2B2jvUd3PDIJhaPsCW7H%2BZLpHNzWN7B%2ByagJmssrMx0HVLh7W0DIhfFu206ix6jKUpi1HHzOM4mHLx03CjCO9IA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4f89e80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
click.okaynotification.com/js2/t/video2/inc.js
104.21.84.214 62 kB URL click.okaynotification.com/js2/t/video2/inc.js
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash 7c28dce86184b25ec0874ff61684286b
904deee87170755eb416f855e6cde05a3c0a54b3
f9a2072e3b9dc164919a19382ebd95e110bf91f81947357dfd877878fd2dd7c0
GET /js2/t/video2/inc.js HTTP/1.1
Host: click.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: click.okaynotification.com
Connection: keep-alive
Referer: https://click.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=3; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 10:25:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2B%2Blz42fjUtRCMfM%2FSpHZZ1%2BI0VVw7yDepdNnEJ%2FCadqcAnXC4SKN9lcS%2BnF7%2FG2mNxiNWIMJcGVOl2dHLslRB239WbqWp%2FsARl1FsIorlV4V3XwqWeAxUPP%2B%2BGOpixbj97zq11vczc3AM9WGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4d5b93fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://now.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553747
expires: Fri, 19 Apr 2024 19:57:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiMieb1e6EePSzZQq9pDt1IEyCC2oYsMGjI9MNLw8sYvfOtqyNTkVhUJ7IBv2qNa5cM5%2FEOImGEGkfUW7drJHB7HEbr9jzl2rRWs9Vcprj0YIj74mLo6s36UhDgRiEa%2BcJm3BuA8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a51cb4db4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://now.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108699
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
update.okaynotification.com/js2/t/video2/index.html
188.114.97.1 30 kB URL update.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7
GET /js2/t/video2/index.html HTTP/1.1
Host: update.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://click.okaynotification.com/
Cookie: jjj=4; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:16 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VExketmBosXQtkibvKL9%2B1mHj6l%2B%2B91TEtTnqUtA%2FnJBV4%2FQrS8qWX5waSZj8YnmfvAWIP%2BHa%2BeKwDxCicH0bQweFlHvAJeY2nJOdAF%2Bt87xzQ47ypkwQJZ1K8awYFlXX4j7p864ZIg4jAtIlmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4e78c40b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://now.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: qHO5bvUarTH4me/VejdBsRmI0MjPft0sCVqDwG2QT13MnULU42fCgZq+4IabHgL1F4RCwSMcuZc=
x-amz-request-id: 2N7YZ7KB2K7RFRX1
Date: Sun, 30 Apr 2023 19:57:17 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
now.okaynotification.com/js2/t/video2/index.html
188.114.97.1 15 kB URL now.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 64cd8a1867e91682c7d219ca444c2f7f
a15cec5014d99d72fa2378719a3129088ba1b720
0f52ad3834d727629fc351028d2d74c10c5208cc93ab67f577d2983b44a57f6c
GET /js2/t/video2/index.html HTTP/1.1
Host: now.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://update.okaynotification.com/
Cookie: jjj=5; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:16 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF9P9jwYu6TtIr%2FklDtmWJzaWeHy32SA%2FBk6EydUEdSlDl01UTCDoaPIeOoCIyJcIILkR7CtEpmsN0yEoMpPDQidXp3M9lVrpRCcHGZFnvqIRwba%2FNHYnISyDVc40c9SblvUkREdUUyloIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a50cb440b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://read.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108699
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://read.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: exnoumPr3w9kEHp0sT1D4a/fhgsHB2aMJdFmHTzpASz7bSi13JGFVYYa3w0sMMOWZUYXOe4iqd8=
x-amz-request-id: 2N7Z97PZ1HM4Z95Y
Date: Sun, 30 Apr 2023 19:57:17 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://read.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: /+4TShIWCQXJ9N1jMykELvWB4p2TXchiPLFbhEpGcWJw/KexvlLOA/0403FuQGMrvbpR1HKBzI0=
x-amz-request-id: 2N7ZDETFVAZKJ5JH
Date: Sun, 30 Apr 2023 19:57:17 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
read.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 9.1 kB URL read.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash e287b8fdd03afb692d6eed6e084e0632
ec545b22ce4ec45605951fda19d34725179d5569
2b18f62ab5514d86271b6c6915c793f45d4d6e16019461c818a37dcb175ef63a
GET /js2/t/video2/inc.js HTTP/1.1
Host: read.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: read.okaynotification.com
Connection: keep-alive
Referer: https://read.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=6; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 10:25:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7O5Zvh0T9%2BpSrf3K3AOTXZqKhVczZbgz7ZKHIxn47eRPVe3HSIp8ezYaFQXfFVIbQmdm%2FKTPcsyTwY2d8UTKbKKC0dpal13bk0ICWY8l3yex28NCJR4%2FJ80JsPOASACQQrcR53pHjutbZ2ZO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a53eed60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://readnow.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108700
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://readnow.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: WHMqGI0+lGYeqVXDCh7KiXcM49xlck1+KoW78VTOLvPu1VnVjjQy7OHEnyMDF5QN9PNR2UfCGE4=
x-amz-request-id: VC7EFQDDM2ZPN4J0
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://readnow.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: hnP38xozawAZRT89A1fN42ZvD5CB44VmTb8cS5WnGgiBB7tubMssq3kcDEReU3+CzULOKDg+FA8=
x-amz-request-id: VC76FNZVGEFFSZ3W
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553748
expires: Fri, 19 Apr 2024 19:57:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ3UEGf9zu%2Fy%2FuSxfT6JFjoe2uAHHIUiPYjBF9nnBz8S7YpWK08N2Lna6CMXdS5yMiO3qzV5krqreIhKZAoh7HdosJnkUM49bE2%2BTy0lhakkDXWSZw3Glf00mTlSioiWxVRf94jR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a59492bb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108700
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: me1sA04N0r4SnVeNZP0qCmnswHE7v40MUM8BBphAZk++dHU3HZTNcCUY6z6DuQoygCPMB8IFqCE=
x-amz-request-id: VC7B1KCRH0P3KR37
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 43ib7SFNr6WGJXDrpt8BRnZxcL8hwMBritiMLbRZIWnyAGY12mXyZnxJ9Z7uG7DkB6bUc232wpc=
x-amz-request-id: VC70782040PYV601
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://first.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553748
expires: Fri, 19 Apr 2024 19:57:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnxgu3GmT5%2Bg7l4FrvHHNnbvfM2NOvFs40OYI18uc6sjRaZrxRMsMuKkRtZhYyPg7%2F0gJ3SbARqhkHm%2FFk20rKm9LeF95JncdjKps9QrEQKT9xqkC9%2BZXWgsNXAZuwgTuWc7znN4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a5b6c7ab4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://first.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108700
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://first.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: HYOaOOO0lrCeNtW/UCCQ5HeP43W1okgzdsqrtsGf8UrBX18N6pbUgglF9DHmnPxq4OM7bSaJiD8=
x-amz-request-id: PJAJ5Q4E0ZZXSEMD
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
readnow.okaynotification.com/js2/t/video2/index.html
188.114.97.1 64 kB URL readnow.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 84ac362d00cfbafe60336019f6887bab
2611fefcb0159f02d41fcd76b78a2eeeae11598d
e0687b6e563e1607b8e76a118a46e30ce8285471a2f8391fa25d398bf5ea3847
GET /js2/t/video2/index.html HTTP/1.1
Host: readnow.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://read.okaynotification.com/
Cookie: jjj=7; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:17 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYvxHhGxLv%2FUpcW7cYgt%2BeOcXc151clGlNHWX2aWkrlXoS1FrtT0KDOXYaaHlMyfqe6pmJDCnFU21AHvS8Uy16elJHRgeN4CwHs9KplY8BlmQkl6SokgvuHlWwjMLjHhu8oO4aMGKaMMErhyDXFw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a5518320b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://clik.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:18 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553749
expires: Fri, 19 Apr 2024 19:57:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJcU2Ncazy2Nc8sZJeozSWinlr%2BT1XgGI%2BFN0GXtlHZNG3hNWN5%2FAEE3VPdORTV99xv3o7ETiDtGu%2BLvRxE9fi77fjIwyb5pF82lS12wiqjt8TsYLQPysjhgICP61NlspaSE%2B1%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a5d6f50b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
unread.okaynotification.com/js2/t/video2/style.css
104.21.84.214 32 kB URL unread.okaynotification.com/js2/t/video2/style.css
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash 4ac054e85f072c2ebef15f8836a0df88
8afdc567c7671fad4243bf26d3afd1c2ffc0cbcf
80ddb63a1b4bddc7ab0b75737595ac1d3879c21738482b18807f31091fc8455f
GET /js2/t/video2/style.css HTTP/1.1
Host: unread.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: unread.okaynotification.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=8; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 10:25:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYrId0aXTqvtERRwdNbVOBQ2OUPPlLXk10EHLXmeHDt9LQyntHvvbfng9kR2t8Ods9UdmAVi7lHqSXzDrAiVXlZwni8IqEqbB3uKxudaP%2FmxUeruf8pNjjtU09bC63dQpQ5ucbPSh%2Fco5mkVDOU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a594f72fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clik.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Buv+v/QGuuQuWyJbxm4by0IToESDNQ/K8YwVIDQkAEKWUfQIsgJrjbnH35fL3bYehYa+me24TVM=
x-amz-request-id: PJASDRKF2N6D7KS9
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clik.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 9XC7Vb+gJCHA8eOYUfQguprj/sfCDwrQHqodgmp3KB9Kk+gHwXnBzdljPXpEAqFYNsOhmcW8uh8=
x-amz-request-id: PJAX1D3AFM2KY9TA
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://information.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:18 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553749
expires: Fri, 19 Apr 2024 19:57:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrZEl9A4WopLLhKBpEcG7DzJfn%2BHnNAHIGqlueJ94psK0AocQ%2FkUG%2FPtiSIiIdSXADpwh1tN6eR16hzS%2BWN%2BnAdmf7%2BVCYQ%2FE%2FEyLk6SLGxreFZgtKg%2F7SgOWcq5mXm9SbxX0FSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a600b30b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://information.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108701
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
first.okaynotification.com/js2/t/video2/index.html
104.21.84.214 30 kB URL first.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7
GET /js2/t/video2/index.html HTTP/1.1
Host: first.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Cookie: jjj=9; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:17 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhoKoRU5jqNSnjXN738TBJGKh%2FPosqHAZzBBBgxj6a45Aco3x%2BmxG5UUD2IJalrUOy2joymedq%2FZKON57lOmkJGof5wZzElAmbGYA%2BRKFCHy3QaYJp525VQxlwh3Z5kbyL5Z%2BctW%2F7b07QpJIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a5a5899fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://information.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: YRcMwf3Gg8xWiBvJeLapAoGsVj3He4AuyBqGMXPv408BryuBjMFu029q2RdzWPR29vraWzGS8e0=
x-amz-request-id: PJARTWFZJWVXN83X
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108702
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553750
expires: Fri, 19 Apr 2024 19:57:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZc3UtlfV0V0MPb53EHbO3TGBbj%2FrkdCaQneKmyxNbbjS%2F6N2yDZFZ9PFqMjqrwrcnQyNits5ZOc5PvTr5L5hfL2Vi1nSZ2NwAj3CJzctg84pmH%2FXN5LS1CslzktTM0pZBB%2FdYzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a625868b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Yd21SY6N8FjuR0KkUEZ4rJhmrCmEyYBc3J7W/LuaMxuj2d9XOIX7zZ78kVlcCeK+FdYk0FV/6mA=
x-amz-request-id: DN8JJYF0KMTMXWM9
Date: Sun, 30 Apr 2023 19:57:20 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: QAknk0BLGhTh/oljBLMhdxUT+qFiJHQhd7gOtCGhVOqDvc1Nl8iQ76J2QEXJ8ergSGAtPE1DkbY=
x-amz-request-id: DN8YS2TRD239GETV
Date: Sun, 30 Apr 2023 19:57:20 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://big.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553750
expires: Fri, 19 Apr 2024 19:57:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roEusaW88t0SzU1jVjuobpqDEhIntnjsqooPUv%2F2dq17vF6aaQe%2BtQKTanJlVjvKj5gFCwC1VsoqWlShZsiyk8lJH0ua%2FBwu4ts%2FzaCIyH4CmlkvwxT%2BiBd93uVLQOAiqH8sZHv6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a649ce9b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://big.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108702
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://big.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: ceG3fkgdV+RCXCR2kFWKR9KShpKU9JuUD2b97PGdjPZ7dgnSyTfXEex2+lIRw/Aj0sjJAyjwXTI=
x-amz-request-id: DN8M57495HAFBR45
Date: Sun, 30 Apr 2023 19:57:20 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
clik.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 62 kB URL clik.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 7c28dce86184b25ec0874ff61684286b
904deee87170755eb416f855e6cde05a3c0a54b3
f9a2072e3b9dc164919a19382ebd95e110bf91f81947357dfd877878fd2dd7c0
GET /js2/t/video2/inc.js HTTP/1.1
Host: clik.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: clik.okaynotification.com
Connection: keep-alive
Referer: https://clik.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=10; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:18 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5e237h55g78TKwfJCsrVHmCdUzSse%2BP4kWwQXiB9wjHBpe4xWyB3q%2BC7BFmoV2UHW%2BrwmSq%2Fgmmj6Z8JZjxvMIQvJRtYT%2FE5qJqq2Nz4C9HeQh1bdf8809p21M%2Fw739NmvR9Ex2kmuUlSfx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a5d69bb0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://crit.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553750
expires: Fri, 19 Apr 2024 19:57:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNwdrmEk7qCtjl74lmsJ5s5OnC%2Fs0PDFJTtwVIl8wZSJDcfNpyFlk18RyHaUOyeoHoAEn5MSh0vVLRdpLE3jox%2FINWhTM8%2Bgom8QzZQyheRpUoZSS2KH9Ef33r4ZuQWsxYJ2ZJS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a669876b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
important.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 34 kB URL important.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash d452447ba00b18822a2f6db40406f63f
8d08282dcd3d0ed1fc191fe94b2efa708f56e5b3
8412ec06e1027b221f1e5a6354e86f36a8c006b15b12311d63db35b51d043859
GET /js2/t/video2/inc.js HTTP/1.1
Host: important.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: important.okaynotification.com
Connection: keep-alive
Referer: https://important.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=12; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyhQOSORD87TPsO94WUOwjdl0j26t7wiAAZeyfFHehbNu3BKm3r56PaZDblTd4EJ3qu9oxMXW7LGiVFIQjxPuha9J97mCA7sx1T2V%2FaGlmRTjTF48eMLn6IUXRgtnQInOVzoHvkQLvPfYc2zCgASK%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a625faa0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
crit.okaynotification.com/js2/t/video2/index.html
104.21.84.214 29 kB URL crit.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash f6da507a38cbe2d9fa102d3f6a26db5f
9f6639cf958cf5e501cda7ea325c7703ee908dc8
0382880d1a9d8dbecd536d721ffbd7738c16e2f476b10c65d479979207190d2a
GET /js2/t/video2/index.html HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://big.okaynotification.com/
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:19 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIrqvsvg4ewutw%2F7qmQH%2FXgW%2B17QtRheBi5lBm6D%2FxAU4pnFkU1L6UoBM9b5R6E6Dgsalwa%2FYR5LniJ%2Bn2fFnCjPo07jXVov%2B8U1yAC71Alfo%2BMrnk0QHfYITY2EP%2FQD3dgSzcQKp3BWRldo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a65bb22fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
crit.okaynotification.com/js2/t/video2/style.css
104.21.84.214 56 kB URL crit.okaynotification.com/js2/t/video2/style.css
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash 446f763128f9de2231529833843c0066
aef0c520d6e3933f132e69d5285e514b62362475
0056858631d29437477f09462ff55924738930607d9db7e550c4c68402a7978b
GET /js2/t/video2/style.css HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: crit.okaynotification.com
Connection: keep-alive
Referer: https://crit.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 15:00:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgCj83gMWJE5FKGZP4ELTkJ%2FAobj%2B4TO9FhLXuVEu01mQUni8EZUd8D45nKsU1%2B59Aa16y3uJGdK6qUKW%2Fp9ak7JjUc0%2FkkiEEOf8u9n%2F%2FpZbywXuzrUFK6HOAdzXt3pOm0QeBKfY0%2Bdz%2Bi7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a669bf6fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553751
expires: Fri, 19 Apr 2024 19:57:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLQqWgrsNtvntMkmWCqeLJYBzGZ%2F%2BP3Em4O4NcQSUH5GqI%2FvuwZpRozbn8kWLMk3KJ2MMYkuh3BdEcQ1nsiYCgFpYZgJXn6J1CvU7jTNMwx8SV8Z79QzZG1wlxmGqkknM%2BnZP4by"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a68cc4fb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108703
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
directive.okaynotification.com/js2/t/video2/style.css
104.21.84.214 26 kB URL directive.okaynotification.com/js2/t/video2/style.css
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash 61fadcc0fac3d7335dd2800ceef516f0
7bc11bfe730f610c74351741706b5415a4a59fd2
65b1b23954405e06a63d48694adee3a33acb76c83bbd360c95aa8ec97feb6a98
GET /js2/t/video2/style.css HTTP/1.1
Host: directive.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: directive.okaynotification.com
Connection: keep-alive
Referer: https://directive.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=15; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 17:28:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDioMrTB%2BWmTfmhQOB6%2BlzEGGIOfU%2FmUOw%2F6wb4btn4C3ZKUzfbPoFKXpDsW0Y2x0IQ5MzmDk303JcCZ7Ua%2FY0WDbN8x%2B8g73nSN%2Fy7gTc%2FDg%2FHzLNy35ioKfRAsAZIEFNNinPMC6y2ryCRVqJ%2BLx%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a68cde8fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 5xI3443IegE1jtJD/u/tMS4ORn7hchss63vxjhO2OT/w7/SBABmuG48uIEcb1nfWhO3nukn5Oss=
x-amz-request-id: RH6T0V2BKSNVD8XP
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
crit.okaynotification.com/js2/t/video2/inc.js
104.21.84.214 9.1 kB URL crit.okaynotification.com/js2/t/video2/inc.js
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash e287b8fdd03afb692d6eed6e084e0632
ec545b22ce4ec45605951fda19d34725179d5569
2b18f62ab5514d86271b6c6915c793f45d4d6e16019461c818a37dcb175ef63a
GET /js2/t/video2/inc.js HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: crit.okaynotification.com
Connection: keep-alive
Referer: https://crit.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWrWo2r9OZpJKrVOjZ0iwRpljZOtTEstjX88LFCeia%2F9D4WC5IUIP5bEc%2BUVX0QQYVw0e8x6M1zB%2FYQXIxl9lHIeFhPUzS2WMnrPcgdNY7NjxPhquPRewVJQC9Lkhu6W0AMXhPsySZqOrC%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a669bfafabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://letter.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108703
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
directive.okaynotification.com/js2/t/video2/index.html
104.21.84.214 30 kB URL directive.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash c56a08490cd2b83c9714b2452dc7416c
d9391f2533b209e2eb8b9f1972d4778db3ad675c
9bcf73338b495130ddf4e6f9849a670a23d82d617d04e643390194b08c82ab41
GET /js2/t/video2/index.html HTTP/1.1
Host: directive.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crit.okaynotification.com/
Cookie: jjj=15; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3GIp5%2BjsXJYWVepO4k1OM9UHVqS3uZpyTPuggkXbWdCFFQ%2FJ0pqf4WsYj0i9a2RTQxrdpyoXeMAKBvvAPbAInsuzmxhaKJ37f7WI6Tf75%2FmsXjfAscMyj4F4sHDLztwK9vtVCi1wmYy4%2Fg2B%2F3rLHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a67ccfbfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letter.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: KHM4kK4V3LXTNycDAgbgIqmDL0S4/n9zWix2/oDnIbaFaL+hmb+MTKQD1sbUhncuWb0EzD4DjZ8=
x-amz-request-id: RH6YEF57VVV8KHD8
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
letter.okaynotification.com/js2/t/video2/index.html
104.21.84.214 36 kB URL letter.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash d56cc6d834dafc3c16a5b81b16c06b34
de53f4508f80241d2d0d451b9e427aac12b08642
c44a9fce2960f3b42f211bd48a37c501f2bb575adfc6ce4edf153f0f6b1cb585
GET /js2/t/video2/index.html HTTP/1.1
Host: letter.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Cookie: jjj=16; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7w7KnSLsG1r%2FCblxlG14%2F8OWvqWtJLkp2V4GRjmeLwKFrHL%2FWzuO7fC%2BCjlTNdKxurrn6QM5DVsrv0yugzyYjDN9HiEt9pYsMR5hTQ1gb4PYTDEZZXcW2Ppf9jgBvUsYZY9gkfkuwlTxhy%2FuOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a69decefabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553751
expires: Fri, 19 Apr 2024 19:57:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz9W9SnXp%2Bf653SOWcCaKJRcwddIMzmGZEGUd6KLtZ4WpPePeaLxVJZZHprTJqmTps80f%2F7i%2B%2BzRXVuXizRtorQz7sMy9AEx0bW3ZWfPRxOZ5whgpmYGUS%2F6WBZa1NyyuhBzhbuj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a6cbb99b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: G1GwiGPCKvzZ4LmX9tOB1VkFmAr2HEYcc4Rnk8XUf6YlrHWFxOnhsA1q0xQJug0hyRWI1qMLaGU=
x-amz-request-id: RH6JQHCT358NPN68
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: CYUe/EbWtWs9M3d/mm+mykFVmZ6iXO6dV+cG39cP7WOPnN45uBZq/4I2p7iCOj3saJvhiPp8P20=
x-amz-request-id: RH6HD012Z7MFK3MJ
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
memorandum.okaynotification.com/js2/t/video2/index.html
188.114.97.1 10 kB URL memorandum.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 5b1a27a94112efc1f91e5b578465fcad
6e21149abfc451cf5b99d5d247afa66ee2bd9bde
64fc3c9df87d6d9f26745d52bd015f0949646d76c7ef03afe29a07d18432f13f
GET /js2/t/video2/index.html HTTP/1.1
Host: memorandum.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Cookie: jjj=18; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:21 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x35r6YlF%2FEM0%2BiTYEYfTVQoj2MEb9xjqmTgsh0gv2snuPxrFynXjoIqJQx4OmEXallz9rjb6rSnP3Bs7mjNJZClgDXP6g%2FQMsEgKe%2Fdjz%2BzIvMrBbeosqTofDyF3zwDRKyFIrARf%2BR60gsRMrN%2B1YI1A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6e0e460b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108704
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: iyiVsD+4oW+Z5VDJ+ah1IQGXyMAGtzj4pxaSYLuuBB7lntUWnbIeBz49AUCr0v0I/m/vtp590MM=
x-amz-request-id: N80HHTB8NE2606TH
Date: Sun, 30 Apr 2023 19:57:22 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
memo.okaynotification.com/js2/t/video2/index.html
188.114.97.1 31 kB URL memo.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 1d018158b0da4b2c372da889143b7c83
f6b07baadcecaf3d861d15851e22aa4e6fc4afa5
a485d0653d9410bfd75d0f4deaf611651872e8a8ac8727dd92d9c7ed3b498491
GET /js2/t/video2/index.html HTTP/1.1
Host: memo.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letter.okaynotification.com/
Cookie: jjj=17; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bbLYwAyfIZaeVFsOh4p3Bvwji%2F6j1yYtNJGU%2B47nLWoEBRPugH8ArLFjxd6Mmkp38fGQRK4ELjPCj2AmsKFsaIiQWZgoXAlRrgtIfF7Ea%2FMsqTevURy%2FR9TMnKgbcVA4vjHbVX84%2FJ5GX%2F9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6bfb610b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://news.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553752
expires: Fri, 19 Apr 2024 19:57:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VW2BxzDYMnP3DhuW%2BMZFoIUF5O2H9Fa8m8Y6Fcwgq6Eh9I1v48SwlUUuujsNEf37nAtpvQ0s9q2MiULEX7mr7b44%2FmPVZOLvFk1YYE%2FdZz9NcZoUKvC6H91dmvwruA4%2F2REpUnv7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a70dba3b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
memorandum.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 34 kB URL memorandum.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash d452447ba00b18822a2f6db40406f63f
8d08282dcd3d0ed1fc191fe94b2efa708f56e5b3
8412ec06e1027b221f1e5a6354e86f36a8c006b15b12311d63db35b51d043859
GET /js2/t/video2/inc.js HTTP/1.1
Host: memorandum.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: memorandum.okaynotification.com
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=18; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gs%2Fp1ogsdnXvwb6vQocvSel9p7zFNrTgrKSWYIoffjYveTtciVEQC9l8d7ZrLdwVs0RHxHqRrztkeAYLTZRY5P0ltiRjKOE1bMMavVF68S1Dp%2BUQLT14uKRjccc3f%2FgJJ%2FheVpJ2oKjpUmFe13xOyPl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6edf180b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: +AYlEzuFqvRPri9ZE/3sYISqOOUItXh3bGbZaLUyz3W4r2n+lSITT0IBQLilPBKbtY1T9rqnciQ=
x-amz-request-id: N80SS24P7WNKTHAW
Date: Sun, 30 Apr 2023 19:57:22 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
news.okaynotification.com/js2/t/video2/style.css
188.114.97.1 56 kB URL news.okaynotification.com/js2/t/video2/style.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 446f763128f9de2231529833843c0066
aef0c520d6e3933f132e69d5285e514b62362475
0056858631d29437477f09462ff55924738930607d9db7e550c4c68402a7978b
GET /js2/t/video2/style.css HTTP/1.1
Host: news.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: news.okaynotification.com
Connection: keep-alive
Referer: https://news.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=19; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 15:00:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WR2pBiKW8AybpmUGF%2BqbQjB16iyh4T%2BmDYlhPRZAxOWMb9VIL03PcVKKA8Pjpg8EMJUxnHThdblxV%2BQYWRHFbykbKQldp6gJ39umWLqiKr0%2FMs6Z3fvhsr5vPPEEJa899tV32Ipm6grGWt8k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a70d9f80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
letter.okaynotification.com/js2/t/video2/inc.js
104.21.84.214 12 kB URL letter.okaynotification.com/js2/t/video2/inc.js
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash 21381d506f7bf0633a2d53c810629571
9bccfe5aabb0478fe1f98a4fbb6d633b69a6190e
874edb502239ed75e62a4ea8d76cf79c41f8d4078555b0f257a7e4774eeb8bf7
GET /js2/t/video2/inc.js HTTP/1.1
Host: letter.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: letter.okaynotification.com
Connection: keep-alive
Referer: https://letter.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=16; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkwN33KJ5LfmB5hOQ8EbivDkD2BER2koTLMe24x3%2B37X%2F6Twel6Aw5MbJe3qd7Kj2v42xuTLuXojxCO9ddjKk1V07p9VOUb6miRkeMHJmWwLP01c57BrSEnuRrU2W7tioQMS4IaRx%2Byb4P3owQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6adfa4fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://note.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108704
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
news.okaynotification.com/js2/t/video2/index.html
188.114.97.1 35 kB URL news.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash e99118478f506f81f83c4bcb02af6714
24fcf6c78b5e3054b8c7e6e2337d6e30c9d93cfc
5765d6c612b52ecebe42ffc2ac10d5c61273ef52b799c5b367bed5143a850607
GET /js2/t/video2/index.html HTTP/1.1
Host: news.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/
Cookie: jjj=19; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:21 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLAcwulE%2FEFnsiHiTrGzfvQVkT0mKVu%2FvtBKJZCRwUu2mmgg%2F6WWAxEYihJrgipDdXAWsjnQfRGUwQPYKhWVgR9F%2F5jdR4hFJ59FrZh29jFPX%2FE4J5DcUrWFl5TfoyVPJJqlqrdqvIbNlNhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a7029220b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://note.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: VYgzVhEkf+0Lvk7y43RzKDUqYrFJTFa8WceBPyf1NubfBgVnJTFuWyJ3Q5K83mpQAIwP04fc+JY=
x-amz-request-id: N80P4APYHXE4C7T9
Date: Sun, 30 Apr 2023 19:57:22 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://word.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553753
expires: Fri, 19 Apr 2024 19:57:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeOVSYXStmcSJJqY%2Fn7BA6ydr2beNlfpcFhPR4tuAZzfSgsB1%2FVTdD0d4Ta7OR04V2BFsoNIviQAg5hE0X5NyN5jmjnsikfk6ggjXThKvcmy37Z87KBKeJYDbQI8f7RX8kYx0CQY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a751b26b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
unread.okaynotification.com/js2/t/video2/inc.js
104.21.84.214 34 kB URL unread.okaynotification.com/js2/t/video2/inc.js
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash d452447ba00b18822a2f6db40406f63f
8d08282dcd3d0ed1fc191fe94b2efa708f56e5b3
8412ec06e1027b221f1e5a6354e86f36a8c006b15b12311d63db35b51d043859
GET /js2/t/video2/inc.js HTTP/1.1
Host: unread.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: unread.okaynotification.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=8; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 10:25:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0htYvBBN8jF28GaqQkDD8G9pQLOsaTLqyR1m8DkJMBzrxuO%2BZMlhsICbTybiNx7TE99HqDd08K1gJB481tuCg8ybVn6kWzmTfxbLWArqwimpDwc4p2I33EvlsVx4ljxucDS9FLPrUxemzh4WUNA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a595f73fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
click.okaynotification.com/js2/t/video2/index.html
104.21.84.214 30 kB URL click.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7
GET /js2/t/video2/index.html HTTP/1.1
Host: click.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notice.okaynotification.com/
Cookie: jjj=3; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:15 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vbwx8L4vORBoAyL1PB6fbxSxJG1U3MmE1r5DhbxXmEJKSvP%2Bzvm7dfL3pPCJBLKYP%2BBCf0dx2nXtbV%2FuwCmqt0jL4PtFdO73zHz%2FK957AaDy9pRwUTB8jkiKhFAZ8bbIP6MUIcsR19DY3qR9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4c6f5bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
word.okaynotification.com/js2/t/video2/index.html
188.114.97.1 60 kB URL word.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 291bf03d15a76f032f9ebc22ffc5675c
b1b8d9247783d0c7dbe9c2ea154f1d3421561988
22662f082136316da80b89bc6b6c6d28bbd720f53c4ee51c67a2ef5c09b55f96
Analyzer Verdict Alert fortinet Phishing
GET /js2/t/video2/index.html HTTP/1.1
Host: word.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://note.okaynotification.com/
Cookie: jjj=21; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:21 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BdnnZFQ3LlxNP8SOg8%2FWArrDYG1BJ2mt%2F3vX2pZdHZQ9kcML0stY0kcVZxkSRa7TVmku0SXAn%2BH2Q0L1FuUiughVjBaUgtg%2B9C17Aj8nSjxoUXEnzb7X4LsJjTDf1BUt4F2RfOQNfEohTuY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a73ed7f0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553753
expires: Fri, 19 Apr 2024 19:57:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1NfAx3UUkqrWtPcyoQId2M1XeC0Vril4h7Mu1iUaGsP27F3%2FkPNVmhphlR7ZcIYBIlQr6%2Bs2tRbouCb6qijYdnlrmyWnYAOC2vHgfP995RNY4hLaVG%2BBqxvOnc%2FLfOVIaFSxCDh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a781872b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108705
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: NHjj7K694SKO8KTG4kWSsRnHDSBK16lSqQH6IX9yNkGhzn178OsYy8yn1YH69X+KIbESadOUwCo=
x-amz-request-id: K4N25HDV4KJDTH8Y
Date: Sun, 30 Apr 2023 19:57:23 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cannonball.okaynotification.com/js2/t/video2/index.html
188.114.97.1 30 kB URL cannonball.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7
Analyzer Verdict Alert fortinet Phishing
GET /js2/t/video2/index.html HTTP/1.1
Host: cannonball.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://word.okaynotification.com/
Cookie: jjj=22; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:22 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnQmKemJ4ii3t9zhTz7VDwn%2BmOh%2BmoRXdcY7A4hGiPRicThTHiYSYLJJSK8x%2Ff%2FIlrY1slCFaJIJOPsM4QoFEz0%2Bwdh2ZAdtXNwVXpW9bzX7U54eTE8JtAhXGYC7Pvn8%2BmBnFVHNw5FXF0xmYd8yl3sc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a7668a90b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:23 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553754
expires: Fri, 19 Apr 2024 19:57:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl7uxKO7SIRsW%2BArvOXoEgtn6eS6bzRMq2fiIPPuyIbD0Czv6mIZ%2F8djUYQkiJEcFFW%2FU74xLZxa65UUzmpyyuAv%2F0djc%2BJwuFckQzkwWV3C0XCR5SlnmQRCKi5VN2ps2EHiYn8M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a7bbdd1b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: uf035pE8Fcfi4FkJcCiBfK0vRf+1T1VHjionlFcs3fmRDVgqQ/K9yZ+6ds2RL/jVUzILR6FDf3g=
x-amz-request-id: 5R3FN9H5DP2ADTS5
Date: Sun, 30 Apr 2023 19:57:24 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
word.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 59 kB URL word.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 4dd768e4bcb420c52e6df1122e041b14
033a248325d1c6bcc2a7427e349716aa7855c32f
36f52bc449a96c0b44a07ad23bbf42d0b146294ab19ce7325f431fae6bff7800
Analyzer Verdict Alert fortinet Phishing
GET /js2/t/video2/inc.js HTTP/1.1
Host: word.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: word.okaynotification.com
Connection: keep-alive
Referer: https://word.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=21; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 15:00:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BmtKpkZ1oK0auMAt0kKtpkFlqO72SOTpD%2Ff6YCmNU%2FULXXSsLBTz50lBmwXcNpMf%2FbmuCdEmpPaEG1dV3K%2Fns7oe76VWEV0DHZJ0zx8VPmI%2FxqhgNG4%2F16H9WDBsONHnKraFmmP%2BtnlLcQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a752ed10b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108706
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cannonball.okaynotification.com/js2/t/video2/inc.js
188.114.97.1 12 kB URL cannonball.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 21381d506f7bf0633a2d53c810629571
9bccfe5aabb0478fe1f98a4fbb6d633b69a6190e
874edb502239ed75e62a4ea8d76cf79c41f8d4078555b0f257a7e4774eeb8bf7
Analyzer Verdict Alert fortinet Phishing
GET /js2/t/video2/inc.js HTTP/1.1
Host: cannonball.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cannonball.okaynotification.com
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=22; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:29:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucYHtK5C5cvtsranYgRI31hO7NU%2FyvptV4tLkd7OOTH4EzZn5WhjupRBnfABkIHl610aWT0EaQ6n48Geto6%2BKaVb5WDldRPJhpjzNGJC%2B6pIpAM1Z0YoPLreuc6uyIJLz0kBQ5KhMBiahkEG%2FXkTAN%2Fx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a784af80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108706
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Prsc2afGQxqcG02iWjv2lB0sMNgRmgKTbGPdDerkAqMOjFVf1Zdh49SHzbaRk2g4skAov7Cnu2M=
x-amz-request-id: 5R3EHNTVFX33GAEW
Date: Sun, 30 Apr 2023 19:57:24 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: jmHf08TQ3wU6mXbAluZIbcigXTax6Nw80gViXhKjikzfLVVcNoOUQzqqvAbhG55dzj6gI/NsU5Q=
x-amz-request-id: 5R3399CMJ5DSY9CD
Date: Sun, 30 Apr 2023 19:57:24 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:24 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553755
expires: Fri, 19 Apr 2024 19:57:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMWbcc406qCDZrL6yN3Jg%2FlYmX%2F0Lpl8cFE4hRlu%2Fb18HGf%2BENg8N7USzDA%2BrNTEKtp2i1nrjjwmW1pY0ecXdTxyPmfLzgn7uXUt3or0OVD5lOnTzR5yqiX25aXun6RL5SrFuym9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a83ca05b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108707
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
warning.okaynotification.com/js2/t/video2/index.html
104.21.84.214 30 kB URL warning.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7
GET /js2/t/video2/index.html HTTP/1.1
Host: warning.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Cookie: jjj=24; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:23 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:23 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJzSijDD%2BY3LqE4UiEVLSrO2r1xG%2BoU%2BNAgWf1tMMROO9WmWQFglr8fRRh0v8%2BUsIuxwp%2FXGaJLwZJGLQnkrQKHK9Elyg%2BHRv9Wl%2BOTB%2B0R0KW30Mh2okhiTWqAFCfs1Vbi3kJ7M1VJ3%2FyXnLO%2FU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a7db829fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: +fwie0Ghs3kYsPB/8ZkKZRkBqtTP1b6KwSt39DznnJ8olSrQxZDRbVLKJpkt7cATMmezEVaHt1s=
x-amz-request-id: YPVH2PTTHSQT32F1
Date: Sun, 30 Apr 2023 19:57:25 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553756
expires: Fri, 19 Apr 2024 19:57:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUU8pwb2hjc0rmDx6N7Pj4BwrYYzXKMmfDmUAsXSQgymEJvY7CFYEX0x3P30ij0%2BoyDkkFih2155gzAO4Vd9U3tE5X6f%2B6H9mCYnL79PaYfxW2fY4G8Eb2zwzSGoJmM65NgLh5uG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a877fefb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108708
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: eCsJYhKgVXE5ylyWyEcYjARvwxCRK3hHqpRyU5GSy4ZyFagdPc0ftSU4hz32G11uWZjjRvhwCjs=
x-amz-request-id: 3DC3W8T02CW0ZQEP
Date: Sun, 30 Apr 2023 19:57:26 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
communication.okaynotification.com/js2/t/video2/index.html
188.114.97.1 60 kB URL communication.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 39c33794b92185d0b18ba56916f9695c
6b237ffccced85682f409a926ca0e34084f0d293
20272a89bf8047590a1c8590b5bada0c2bdf7719595c520654c51cd4aae34ec2
GET /js2/t/video2/index.html HTTP/1.1
Host: communication.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Cookie: jjj=26; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:24 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:24 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZD%2FfKZOGqJVZrjga9O4dExmKoS2I%2FAVKnAtFC57TqjOI0GMvEjgvAu89aGraTz9infmCpZ48NWlXiJJM6wX7jlKVDSGqVrrEd%2FKtZi7vVNHo42MaKcS35lm2gqtFUHfSHPZvaYwyW13PtJXFlBF4luFvK5M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a8589460b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://communique.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553756
expires: Fri, 19 Apr 2024 19:57:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqSoRS0M44gDwMsFPSynfo9tkkZq0m00t64pyw05b39wMQZxfJP0qE5L1%2BZqr%2Fx5OPMS1CfdE3zkvnvlSlsCEWJ2i9VmS1HhQdofATEavTaOrS19sD1ZkCsuYfvO3enPkQ%2F2vB9m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a8caf92b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
alert.okaynotification.com/js2/t/video2/index.html
188.114.97.1 36 kB URL alert.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash d56cc6d834dafc3c16a5b81b16c06b34
de53f4508f80241d2d0d451b9e427aac12b08642
c44a9fce2960f3b42f211bd48a37c501f2bb575adfc6ce4edf153f0f6b1cb585
GET /js2/t/video2/index.html HTTP/1.1
Host: alert.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Cookie: jjj=25; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:24 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:24 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHWH5qEXbQhqRBYUPDrgWKDRktY1wjKfPegBcBJGckpfFOz%2B2wacZba3wbdokHiFGUjOWKW1Ye%2FglJkt2OM4wz83eSBTiROlNHRkdYeI%2BEoC7e%2FwihWfkzHuSwzp17a%2BbV%2FtvQg%2FTQ2hX%2FYARQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a81ad020b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communique.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: xdve0AOuFxe3oLLHSbX9Spu3AbfV5XtnKfO7C7pQ50DalfyF9lrpQUjaSVzJ5shhIW9Tx5186Jk=
x-amz-request-id: 3DC6NADEG9BK219X
Date: Sun, 30 Apr 2023 19:57:26 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
communication.okaynotification.com/js2/t/video2/style.css
188.114.97.1 56 kB URL communication.okaynotification.com/js2/t/video2/style.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 446f763128f9de2231529833843c0066
aef0c520d6e3933f132e69d5285e514b62362475
0056858631d29437477f09462ff55924738930607d9db7e550c4c68402a7978b
GET /js2/t/video2/style.css HTTP/1.1
Host: communication.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: communication.okaynotification.com
Connection: keep-alive
Referer: https://communication.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=26; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 14:43:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 105253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJzE1okbupLstTmvJKSR1LhTyL21QJSwPDRRp6hD3CFDpQPKeBvLRZNoE88cwn64m1FEi1iHOhTjzP79qGT%2F%2FJDvrZ2p1Z9GM23lez4SMs050pSvhvlUT47xrHd7HF7yL0%2BWF99mSwUCTMiNeqrPltw97y7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a876b810b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553757
expires: Fri, 19 Apr 2024 19:57:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brhAdBTljySXwvuv%2Fd4NxTv8AKidSAVQV56lOM%2FEcGqIXU3J9V1HjG9Pwhi3tCraVE8Cmdf9EysJ5eozXfUcmLnwl3lSSPclqnyYjsVGmb7OXrusM1qao7mI8Y80J8FrADPoNkId"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a8f6c7eb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108709
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 8HF9E76rB9ELFhfY8Z+pedAP+UjyNY+Wy8dFE3tr03U40jRGezWggW1XV2/Nqg59d0GYYKnBV+Q=
x-amz-request-id: CEMPXBC4E6FA72BJ
Date: Sun, 30 Apr 2023 19:57:27 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
52.218.46.154200 OK 56 kB URL GET HTTP/1.1 mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP 52.218.46.154:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 250 x 200\012- data
Hash 426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1
GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: A1upuRYdNPKkJ8XUlOPCFQJ36D93EYofO5W1NF9H5S0gbleoc3sXSysqzOXAZuRA6yat66ZMsXE=
x-amz-request-id: CEMHQ8Z0MAVCZ6DG
Date: Sun, 30 Apr 2023 19:57:27 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495
big.okaynotification.com/js2/t/video2/inc.js
104.21.84.214 12 kB URL big.okaynotification.com/js2/t/video2/inc.js
IP 104.21.84.214:0
File type ASCII text, with CRLF line terminators
Hash 21381d506f7bf0633a2d53c810629571
9bccfe5aabb0478fe1f98a4fbb6d633b69a6190e
874edb502239ed75e62a4ea8d76cf79c41f8d4078555b0f257a7e4774eeb8bf7
GET /js2/t/video2/inc.js HTTP/1.1
Host: big.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: big.okaynotification.com
Connection: keep-alive
Referer: https://big.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=13; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t60IG1m9ONiYdGw8w0TLTe7fpYnUlt%2Fn2BdeJpmZL5kMscF4IfXjzewVpOmgA2M%2F%2BEai1V58PkPIQldB%2Bcuma38LRhNt%2F5Jyr0DEGIFc5%2FaNexp6bySf25lgGEZM8ar%2FrClT4z8VaW4p%2FMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a64aa1efabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://report.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108709
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
report.okaynotification.com/js2/t/video2/style.css
188.114.97.1 26 kB URL report.okaynotification.com/js2/t/video2/style.css
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash 61fadcc0fac3d7335dd2800ceef516f0
7bc11bfe730f610c74351741706b5415a4a59fd2
65b1b23954405e06a63d48694adee3a33acb76c83bbd360c95aa8ec97feb6a98
GET /js2/t/video2/style.css HTTP/1.1
Host: report.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: report.okaynotification.com
Connection: keep-alive
Referer: https://report.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=29; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 15:00:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104231
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAKOfb37hWhSbnATZxsWcxlTkgdhhDdMtt4rnYoW3an13T961IcG0k7GOLuXAHKs9zYtXa3sDeIv7UKIRcn4Q5KAv71tzZKCiPY%2FEnIBw6BmrZS7CCKvXHDFIm1DIKnX4zAgDrkQFAghJcdWy40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a92884a0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
declaration.okaynotification.com/js2/t/video2/index.html
104.21.84.214 60 kB URL declaration.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 39c33794b92185d0b18ba56916f9695c
6b237ffccced85682f409a926ca0e34084f0d293
20272a89bf8047590a1c8590b5bada0c2bdf7719595c520654c51cd4aae34ec2
GET /js2/t/video2/index.html HTTP/1.1
Host: declaration.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communique.okaynotification.com/
Cookie: jjj=28; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:26 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHVeGVAMxi0thkw%2B7OKXreYEvgvQkRItLed0xBKspNwnWN%2FXgqCMnFsOW0S9E9HlbYFPFRtevqvHu5ed5miFfelVn%2BwM9pzz%2B%2FS6TBgccvuELpk%2BI4iqRjKP%2FFHK1QFZtXL%2FbXea7RUvuMe5ADiFw9llrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a8e3870fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
report.okaynotification.com/js2/t/video2/index.html
188.114.97.1 10 kB URL report.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash 5b1a27a94112efc1f91e5b578465fcad
6e21149abfc451cf5b99d5d247afa66ee2bd9bde
64fc3c9df87d6d9f26745d52bd015f0949646d76c7ef03afe29a07d18432f13f
GET /js2/t/video2/index.html HTTP/1.1
Host: report.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Cookie: jjj=29; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:26 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfHjPMfvN9ACENtnpMRrayFRVj%2Fe%2F04FjXUYpeC%2FTJ6mYNySVv3%2BII06XU%2BC%2FBD9zX%2Bx593jUZwN3QPTYGp01H1cx2va2PMoqpihsPztovwqqh8zoTJ%2BRqFtf5AcHWUGNpzakx7u9qRRYzNRS3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a915ed60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://statement.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108710
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
52.218.46.154 25 kB URL GET mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP 52.218.46.154:0
Requested by https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT
File type GIF image data, version 89a, 480 x 480\012- data
Hash 7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074
GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statement.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: FWLt9FVz6qdhjLqijI+3FMXdvr7vUYE8iGuHvXFe1vyOtfam3+4SMVEEJhbRs7AWF7cHn9WcRYQ=
x-amz-request-id: 0M13Q44QMW4HC911
Date: Sun, 30 Apr 2023 19:57:28 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722
communique.okaynotification.com/js2/t/video2/index.html
188.114.97.1 62 kB URL communique.okaynotification.com/js2/t/video2/index.html
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Hash d7c4fbdf23dfa61b16cacd6d72903e05
f0e8239b2aec228a4fa6539d1cc589fd33a9422b
3512e8c2a28f64becae8740177b7115094275238d5022eeec827c10573ab9aeb
GET /js2/t/video2/index.html HTTP/1.1
Host: communique.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Cookie: jjj=27; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:25 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raK8G5yaso%2FFO6HexEK%2BuWvPy7iPx7Z4pnYI%2BkfQ5ndtUjhDT%2FlpbSEemWd8xO8%2BAVndo31LF20oRI5jZuV%2Brqm9YDLYFsCSfA4TedvzNoxYDKCkdYlGs65g1PiFTyDudWFDSnZCop3w49W1%2FbQbYl3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a89ade90b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://release.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:27 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553758
expires: Fri, 19 Apr 2024 19:57:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvlRJa2XXY9ZgDojNsFkC%2BlhedpNJnaMmn4fkgvNnbHL6MxYZwRXUgaa4IlsvogkXNBWW%2FdefAZpCw1xW%2FxIaniCu8hVtEUBOIDQ7q4IOsmRu66zTF2uXOmGTmPdtcU%2Fw9VzCnQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a97caf7b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.106200 OK 31 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.106:443
Requested by https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://release.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108710
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
memorandum.okaynotification.com/js2/t/video2/style.css
188.114.97.1200 OK 1.9 kB URL GET HTTP/3 memorandum.okaynotification.com/js2/t/video2/style.css
IP 188.114.97.1:443
Requested by https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (2214), with no line terminators
Hash dd2ca9d687f5dc6385a6cdca0f6e65e4
1e4f737002517a67735987867e78919735a8184b
80e8328a1ec1663f25e52852041cffcefded5c9ca0d9a0e2a965a70443b197f3
GET /js2/t/video2/style.css HTTP/1.1
Host: memorandum.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: memorandum.okaynotification.com
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=18; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 17:28:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAH9L9zEbdHTs7Xw%2Bybnmp%2Ff%2FD4EMewAnWsTKdLfc2VUzBHqEstRKe%2FzfHt6ZCvTfON%2BAhyYRT8Wj0VsJE%2FD3LQMSnwW6q%2FaZ%2F2wig3pJYe1Zt9%2BWcwzvT6KLtA3Rk0aIPnnw7J6R2jDUS2Y%2BtyRC%2Bcl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6edf160b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
directive.okaynotification.com/js2/t/video2/index.html
104.21.84.214200 OK 18 kB URL User Request GET HTTP/3 directive.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js2/t/video2/index.html HTTP/1.1
Host: directive.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crit.okaynotification.com/
Cookie: jjj=15; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3GIp5%2BjsXJYWVepO4k1OM9UHVqS3uZpyTPuggkXbWdCFFQ%2FJ0pqf4WsYj0i9a2RTQxrdpyoXeMAKBvvAPbAInsuzmxhaKJ37f7WI6Tf75%2FmsXjfAscMyj4F4sHDLztwK9vtVCi1wmYy4%2Fg2B%2F3rLHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a67ccfbfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
news.okaynotification.com/js2/t/video2/inc.js
188.114.97.1200 OK 13 kB URL GET HTTP/3 news.okaynotification.com/js2/t/video2/inc.js
IP 188.114.97.1:443
Requested by https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 9a9be219ee1af9949fead4edb3b92006
ebccab958c1822defac53ff518fe6feba81dff93
2ddf117c0bdd9df9cfe9776bdbcb7146341023d6959360705437d8ffbf7e43ed
GET /js2/t/video2/inc.js HTTP/1.1
Host: news.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: news.okaynotification.com
Connection: keep-alive
Referer: https://news.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=19; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 15:00:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S8GYxI692CIC96GTCKrlNwHERhtOBUNth%2F316WpLfkibQEDPZRKfGyGF8M%2F6%2BSz99d5QMfOIpg3duQD9PjLGXy%2FmSIY8HoQlls%2FIt2y5tjQZ6WxTf8DdVUQCeKdYHD0z3K1wZjQ%2BORDS9G3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a70d9ff0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
word.okaynotification.com/js2/t/video2/index.html
0.0.0.0 0 B URL User Request GET word.okaynotification.com/js2/t/video2/index.html
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /js2/t/video2/index.html HTTP/1.1
Host: word.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://note.okaynotification.com/
Cookie: jjj=21; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
crit.okaynotification.com/js2/t/video2/index.html
104.21.84.214200 OK 18 kB URL User Request GET HTTP/3 crit.okaynotification.com/js2/t/video2/index.html
IP 104.21.84.214:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js2/t/video2/index.html HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://big.okaynotification.com/
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:19 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIrqvsvg4ewutw%2F7qmQH%2FXgW%2B17QtRheBi5lBm6D%2FxAU4pnFkU1L6UoBM9b5R6E6Dgsalwa%2FYR5LniJ%2Bn2fFnCjPo07jXVov%2B8U1yAC71Alfo%2BMrnk0QHfYITY2EP%2FQD3dgSzcQKp3BWRldo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a65bb22fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400