Report - officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com

Report Overview

Submitted URL
officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com
IP
69.175.50.100
ASN
#32475 SINGLEHOP-LLC
Submitted
2023-04-30 19:57:30
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
report.okaynotification.com	unknown	unknown	2022-06-06	2023-04-06	1.2 kB	37 kB	188.114.97.1
specializedlink.com	65789	unknown	2020-01-03	2023-04-20	448 B	500 B	46.4.25.9
message.okaynotification.com	622378	2021-06-14	2022-03-05	2023-04-28	507 B	60 kB	188.114.97.1
readnow.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	602 B	64 kB	188.114.97.1
first.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	602 B	31 kB	104.21.84.214
important.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	558 B	35 kB	188.114.97.1
big.okaynotification.com	unknown	unknown	2022-06-06	2023-04-24	540 B	13 kB	104.21.84.214
admoustache.media-412.com	unknown	2019-02-26	2023-02-17	2023-04-30	684 B	426 B	34.91.27.112
yeah.achelous.mobi	unknown	2017-01-10	2022-06-03	2023-04-30	1.2 kB	2.2 kB	104.21.70.45
mainstreamlp.s3-eu-west-1.amazonaws.com	908911	2005-08-18	2020-05-26	2023-04-20	17 kB	1.5 MB	52.218.46.154
cannonball.okaynotification.com	unknown	unknown	2022-06-06	2023-04-18	1.2 kB	44 kB	188.114.97.1
alert.okaynotification.com	unknown	unknown	2022-06-06	2023-03-10	604 B	36 kB	188.114.97.1
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-04-30	12 kB	832 kB	142.250.74.106
read.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	542 B	9.8 kB	188.114.97.1
communication.okaynotification.com	unknown	unknown	2022-06-06	2023-04-06	1.2 kB	118 kB	188.114.97.1
officialgifts.xyz	unknown	unknown	2022-10-26	2023-04-27	3.3 kB	6.9 kB	69.175.50.100
update.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	1.2 kB	57 kB	188.114.97.1
clik.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	543 B	63 kB	188.114.97.1
declaration.okaynotification.com	unknown	unknown	2022-06-06	2023-03-30	613 B	61 kB	104.21.84.214
communique.okaynotification.com	unknown	unknown	2022-06-06	2023-04-06	615 B	62 kB	188.114.97.1
c.adups.app	unknown	2022-12-05	2022-12-05	2023-04-30	560 B	898 B	174.138.122.163
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-04-30	11 kB	146 kB	104.17.25.14
unread.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	1.1 kB	68 kB	104.21.84.214
crit.okaynotification.com	unknown	unknown	2022-06-06	2023-04-24	2.3 kB	116 kB	104.21.84.214
news.okaynotification.com	unknown	unknown	2022-06-06	2023-04-18	1.7 kB	106 kB	188.114.97.1
4680104.catchtheclick.com	unknown	2018-07-10	2022-06-02	2023-04-30	653 B	1.1 kB	116.202.159.170
cdn.addlnk.com	246074	unknown	2017-05-11	2023-04-29	412 B	6.9 kB	172.67.158.251
now.okaynotification.com	unknown	2021-06-14	2022-06-03	2023-04-27	600 B	16 kB	188.114.97.1
warning.okaynotification.com	unknown	unknown	2022-06-06	2023-04-14	607 B	31 kB	104.21.84.214
word.okaynotification.com	unknown	unknown	2022-06-06	2023-04-18	1.7 kB	121 kB	188.114.97.1
www.turbotrck.art	unknown	2022-10-30	2022-10-30	2023-04-30	2.2 kB	5.8 kB	51.68.81.31
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2023-04-30	494 B	7.2 kB	104.16.57.101
notice.okaynotification.com	unknown	2021-06-14	2022-02-16	2023-04-28	1.2 kB	37 kB	188.114.97.1
click.okaynotification.com	unknown	unknown	2022-06-06	2023-04-24	1.1 kB	94 kB	104.21.84.214
memorandum.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-24	1.7 kB	49 kB	188.114.97.1
memo.okaynotification.com	unknown	unknown	2022-06-06	2023-04-24	602 B	32 kB	188.114.97.1
sms.okaynotification.com	unknown	2021-06-14	2022-06-05	2023-04-28	539 B	63 kB	188.114.97.1
directive.okaynotification.com	unknown	2021-06-14	2022-06-03	2023-04-27	1.8 kB	76 kB	104.21.84.214
letter.okaynotification.com	unknown	2021-06-14	2022-06-06	2023-04-27	1.2 kB	50 kB	104.21.84.214

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-04-30	medium	message.okaynotification.com/js2/t/video2/inc.js
2023-04-30	medium	word.okaynotification.com/js2/t/video2/index.html
2023-04-30	medium	cannonball.okaynotification.com/js2/t/video2/index.html
2023-04-30	medium	word.okaynotification.com/js2/t/video2/inc.js
2023-04-30	medium	cannonball.okaynotification.com/js2/t/video2/inc.js
2023-04-30	medium	word.okaynotification.com/js2/t/video2/index.html

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 07:58:53 Times Seen138255 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	report.okaynotification.com/js2/t/video2/inc.js	13 kB	2023-03-07	2024-04-18
Pretty URL report.okaynotification.com/js2/t/video2/inc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:10 Last Seen2024-04-18 14:56:15 Times Seen855 Hash 9a9be219ee1af9949fead4edb3b92006 ebccab958c1822defac53ff518fe6feba81dff93 2ddf117c0bdd9df9cfe9776bdbcb7146341023d6959360705437d8ffbf7e43ed Loading...

HTTP Transactions (146)

URL IP Response Size

officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com

69.175.50.100

162 B

URL
officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com
IP
69.175.50.100:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 30 Apr 2023 19:57:09 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://officialgifts.xyz/1/prizewheel/cash/southacash/index.html?domain=continuetosite.com&brand&bemobdata=c=f1dbc182-b83d-46b6-9f65-cae297399468..l=33a2289c-59ff-42d4-b277-ec55bda1086a..a=0..b=0..r=http://continuetosite.com

officialgifts.xyz/favicon.ico

69.175.50.100

1.2 kB

URL
officialgifts.xyz/favicon.ico
IP
69.175.50.100:0
ASN
#32475 SINGLEHOP-LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/?utm_term=7227934448807837740&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Mon, 01 May 2023 19:57:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2

officialgifts.xyz/sw.js?v=1682884631808

69.175.50.100

776 B

URL
officialgifts.xyz/sw.js?v=1682884631808
IP
69.175.50.100:0
ASN
#32475 SINGLEHOP-LLC

File type
ASCII text
Size
776 B (776 bytes)
Hash
200b680044776234a193b6ea3fcab9e6
19ba53c8c2b75eefe7bc9bed6c7aab3828a80e0b
c53c2f36055f0dd3c15231552ff5071ab389b3598d0b7721c0616e5c81913b70

HTTP Headers

GET /sw.js?v=1682884631808 HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: application/javascript
content-length: 776
last-modified: Mon, 10 Apr 2023 09:19:34 GMT
vary: Accept-Encoding
etag: "6433d4a6-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2

officialgifts.xyz/favicon.ico

69.175.50.100

1.2 kB

URL
officialgifts.xyz/favicon.ico
IP
69.175.50.100:0
ASN
#32475 SINGLEHOP-LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Mon, 01 May 2023 19:57:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70

51.68.81.31

5.2 kB

URL
www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70
IP
51.68.81.31:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3760)
Size
5.2 kB (5179 bytes)
Hash
3ad1f2896ced5e4516da2b23cd43448b
b86d7239c391ac94e4fcf89e31a40cec3f41fab4
daa0d5bf6df6fb8b8389edf204d372b615e9d7cf100f3c746cdfe0729f42fdf0

HTTP Headers

GET /?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70 HTTP/1.1
Host: www.turbotrck.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 30 Apr 2023 19:57:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Accept-CH: Sec-CH-UA-Platform-Version

officialgifts.xyz/proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04

69.175.50.100

1.5 kB

URL
officialgifts.xyz/proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04
IP
69.175.50.100:0
ASN
#32475 SINGLEHOP-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3588), with no line terminators
Size
1.5 kB (1542 bytes)
Hash
91548f2013fa54e3dd1a4a14da8bf1e9
beb1177f1734d44cd7b01158e6a3135fd3d9e9af
c2c8e7b98dfe4a4a25a7436e23a136f68ce2b3e671cb89de91edafcbcd946abe

HTTP Headers

GET /proc.php?35fabeabebc8f7730b691acc986ff3f3a65fdc04 HTTP/1.1
Host: officialgifts.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://officialgifts.xyz/?utm_term=7227934448807837740&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73
Cookie: u=95da386ce04fd830a9db4dd64cc7e9e0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 30 Apr 2023 19:57:11 GMT
content-type: text/html; charset=UTF-8
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371
vary: Accept-Encoding
x-powered-by: PHP/8.2.0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
X-Firefox-Spdy: h2

51.68.81.31

0 B

URL
www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70&eyeg=3&eyer=0.4023137579995162&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=officialgifts.xyz
IP
51.68.81.31:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7227934448807837740&website=13371-2ced4a67&placement=13371&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70&eyeg=3&eyer=0.4023137579995162&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=officialgifts.xyz HTTP/1.1
Host: www.turbotrck.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sun, 30 Apr 2023 19:57:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371

admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371

34.91.27.112

0 B

URL
admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371
IP
34.91.27.112:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007d4e8cd354af8ba39f572c290485eb540430-202304-flb*5564921-b2be6*M7227934448807837740*sl_5564921-b2be6*028836d419d0954796059858a508c60b1f3672c5*13371-2ced4a67*13371 HTTP/1.1
Host: admoustache.media-412.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sun, 30 Apr 2023 19:57:12 GMT
content-length: 0
location: https://yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503
x-adjust-use-original-forwarded-for: 1
referer: 
referrer-policy: no-referrer
set-cookie: afclick=644ec818dbc1df0001677aed; expires=Mon, 29 Apr 2024 19:57:12 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.turbotrck.art/favicon.ico

51.68.81.31

0 B

URL
www.turbotrck.art/favicon.ico
IP
51.68.81.31:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.turbotrck.art
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Sun, 30 Apr 2023 19:57:12 GMT
Connection: keep-alive

yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503

104.21.70.45

748 B

URL
yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503
IP
104.21.70.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385)
Size
748 B (748 bytes)
Hash
ecc2ff1f796e03e622f8afe8986c29ff
87228d1a58964a63e7b2819f036e6fd1fc6b10c2
5ed47c83e3f13fc5ee5e42ea6305406c42d1f6458ccea18fb82980d46d828656

HTTP Headers

GET /rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503 HTTP/1.1
Host: yeah.achelous.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:12 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=W0O9MuCQv+S3Je1fZ/ptPXLFiJcY1Jvzs0tq7CIyv8MDV/U/+5cqSGbMi/zbxvxsGiWhmG2BlBbGKJRu0Km3axS0wrP0geoIkfOMdtQIpg1CTiAWzPFaMWC9I2H1; Expires=Sun, 07 May 2023 19:57:12 GMT; Path=/
AWSALBCORS=W0O9MuCQv+S3Je1fZ/ptPXLFiJcY1Jvzs0tq7CIyv8MDV/U/+5cqSGbMi/zbxvxsGiWhmG2BlBbGKJRu0Km3axS0wrP0geoIkfOMdtQIpg1CTiAWzPFaMWC9I2H1; Expires=Sun, 07 May 2023 19:57:12 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rURlqY8ZQ%2FXvJjZNH2t76qthImhl4JouBPBk31db3TWLZ64TJUxEyojuphYsXYDqGw7Jfl64wogn5NGa8w33Fn%2FW5Es9bwpsiAPh1EcJm1CFpgqx%2BZSoc1PoFMhuJtqPMaTbB7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a36ca591c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

104.16.57.101

6.8 kB

URL
static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19927), with no line terminators
Size
6.8 kB (6835 bytes)
Hash
982e2a41ce42ac036b89fd411ad5a674
6e4487f7cd52ef35f1a47b8d2ae58fde2ece8839
ab18d62d7417d67b23b3f1825fe951eb7c19cf8e6067a06d08ff15a0760b5405

HTTP Headers

GET /beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yeah.achelous.mobi
Connection: keep-alive
Referer: https://yeah.achelous.mobi/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:12 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.2
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c025a397dd4b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

c.adups.app/36399?click=pub12c5b2c506de455080d37e8119614669&pubid=f31e77b4

174.138.122.163

410 B

URL
c.adups.app/36399?click=pub12c5b2c506de455080d37e8119614669&pubid=f31e77b4
IP
174.138.122.163:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text, with very long lines (410), with no line terminators
Size
410 B (410 bytes)
Hash
fb651ab3286dea075c99967e02ce0b7b
f4215e00be775633e6228aa1c995977115baee71
1b0b4583d63c826195e15a7144bf4df9411cade63282658b82fdd294d8156141

HTTP Headers

GET /36399?click=pub12c5b2c506de455080d37e8119614669&pubid=f31e77b4 HTTP/1.1
Host: c.adups.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yeah.achelous.mobi/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
x-powered-by: Express
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
location: https://4680104.catchtheclick.com/?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399
vary: Accept, Accept-Encoding
content-type: text/html; charset=utf-8
content-length: 410
date: Sun, 30 Apr 2023 19:57:13 GMT

4680104.catchtheclick.com/?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399

116.202.159.170

897 B

URL
4680104.catchtheclick.com/?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399
IP
116.202.159.170:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (813), with CRLF line terminators
Size
897 B (897 bytes)
Hash
49abc93935bc8ddf9b812f670a74d0cb
883e1c1783dd5ffd4f90e216397429659772fdae
de6944797f31cfbff36dfb1ea2dfbeaef1828cbcddf8bf198a8fa124ae77f833

HTTP Headers

GET /?mob=ZE1o5_7iTZ85l3-QYxXlnLbGYTpmTJ-hojm6gkhLP5UDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=23E01012713A036399029885PI33I&pubid=36399 HTTP/1.1
Host: 4680104.catchtheclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yeah.achelous.mobi/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.16.1 (Ubuntu)
Date: Sun, 30 Apr 2023 19:57:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

yeah.achelous.mobi/cdn-cgi/rum?

104.21.70.45

0 B

URL
yeah.achelous.mobi/cdn-cgi/rum?
IP
104.21.70.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: yeah.achelous.mobi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 504
Origin: https://yeah.achelous.mobi
Alt-Used: yeah.achelous.mobi
Connection: keep-alive
Referer: https://yeah.achelous.mobi/rc/a91581ead4?affclick=644ec818dbc1df0001677aed&pubid=503
Cookie: AWSALB=W0O9MuCQv+S3Je1fZ/ptPXLFiJcY1Jvzs0tq7CIyv8MDV/U/+5cqSGbMi/zbxvxsGiWhmG2BlBbGKJRu0Km3axS0wrP0geoIkfOMdtQIpg1CTiAWzPFaMWC9I2H1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Sun, 30 Apr 2023 19:57:13 GMT
access-control-allow-origin: https://yeah.achelous.mobi
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c025a405a69b509-OSL
x-frame-options: DENY
x-content-type-options: nosniff

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553745
expires: Fri, 19 Apr 2024 19:57:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCZp9BNE6zEqjXwvMC4LLXb39GfiZP%2FrOH1uDmMv74MHsu8rHxlkR%2BlVLrGvfFMICENy10%2FD%2Bymvr9zQEZe0VcftRh4%2BTKcuBjVU%2FKN8hG7iOVqlC0emaxLsaxyT7gYbI0q63Bqq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a42cbb40afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108697
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

specializedlink.com/c.php

46.4.25.9

0 B

URL
specializedlink.com/c.php
IP
46.4.25.9:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.php HTTP/1.1
Host: specializedlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://message.okaynotification.com/
Origin: https://message.okaynotification.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 30 Apr 2023 19:57:14 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://message.okaynotification.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: GPh1GXq1IAGxtR4M/5uxxzRxvR8YT9jsjrr9VqvuGkFmMgjEKYHF6vx4zIJ8zC5kwfWCoPnUq3E=
x-amz-request-id: 0A0R25XJ8C7AAYDC
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: faq7oTqFoN2FzEhxndubLiZk81Wuoo4l8tqWiJbRbHVap6yak9708LvC0QQCUtq8elIH4+CFjLw=
x-amz-request-id: 0A0PMAWREH7FJACW
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553745
expires: Fri, 19 Apr 2024 19:57:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoV2s%2BGvKc%2FMs4Ls1EMSBPScXP8wvPro8mTj6kGnyY5MXbjo4n05J38APnxtUMOxmunnwA3NFmBO6TLDltfJA3dhcSLeDM57ymbRPXtvr9Cl4E1hvVo79AaufJJgHbxOb8Kj00uR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a470ae3b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108697
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5ZzrGoE49gXWo5dYBa7XwRNf/62wr2J2vQdTd0RmuiX28YzJZ3X1aDFmMagiXtd+w06QOp5Ku3E=
x-amz-request-id: 0A0X7WCCA63DBTKD
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: roWqYWDAuAxzO3sk/Dr7HDVWILH+Zkskn5MkZ+9nZ8eCGrxxAPhnIN+2HumIHgKm9OwGEhoD5+4=
x-amz-request-id: 0A0TDQ6CGBJS9NYS
Date: Sun, 30 Apr 2023 19:57:15 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdn.addlnk.com/redirect.css

172.67.158.251

6.0 kB

URL
cdn.addlnk.com/redirect.css
IP
172.67.158.251:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1242), with no line terminators
Size
6.0 kB (6027 bytes)
Hash
e7f6196e538c17e20d67421bbbc3f16b
1e65700805607f61c8fe60869da36305f565573e
0e4892d75cb23961a4e7f062b7800e4e0a685f73eff012b55d735ed9c2c5b2b8

HTTP Headers

GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yeah.achelous.mobi/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:12 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: hoKGF2DENF0Fxpfk9aX2Txj0orTMbszygnDmGFSC4SoL/4C3WQsM9k4Y5ZmrshXNgXN64qzAUMY=
x-amz-request-id: 9NDC432NBG524RW1
cf-cache-status: HIT
age: 2996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yze3Bbq2%2Fjigtcaq%2B1Fc%2B%2FYhTdrSBOL2Qa9E2NTg2DXM%2FkM15fnjokkkXpGDdeliSAS0Q471xtMZxUkYHzdE1GDdKPj0nRyDqBJe17XULjwSSFWyt6dbTJzOLfbd1LDuYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c025a397803b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://notice.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108698
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notice.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: XJ5QIDxRlymSuDpCz7DpyM0AAvVvaz/VZ34vhk81EhAlKZOYI0v8TNhFIwkY/dZJI9SfuhEOjTk=
x-amz-request-id: 0J6HMDD54DG71HAK
Date: Sun, 30 Apr 2023 19:57:16 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

message.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

59 kB

URL
message.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
59 kB (58922 bytes)
Hash
4dd768e4bcb420c52e6df1122e041b14
033a248325d1c6bcc2a7427e349716aa7855c32f
36f52bc449a96c0b44a07ad23bbf42d0b146294ab19ce7325f431fae6bff7800

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: message.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: message.okaynotification.com
Connection: keep-alive
Referer: https://message.okaynotification.com/js2/t/video2/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Thu, 21 Mar 2024 18:07:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3376210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wYweVdApO9AW%2BhX8nTXCA6hzf3XaCui6MXLzaEALLTG90yCJEw44MmBv34iDV2ALSJ70SKnaGQcYZi3lIcd4cuodqDnk1TXcx0kkSOlBpYmHfm0ix5UUzLs%2BAk2WT2t2ercmOz7o%2BuWFNBAJQHQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a42abcb0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

notice.okaynotification.com/js2/t/video2/style.css

188.114.97.1

6.4 kB

URL
notice.okaynotification.com/js2/t/video2/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
6.4 kB (6366 bytes)
Hash
863f82425fed23693ddd699c5d52b1c4
bf3a511ad303afda4f52b610643312a69ac3b7a7
e2ffef5a85b8a2ed5bf00addc3bca15bcb38ae351c7820d8c411f742f7b30a78

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: notice.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: notice.okaynotification.com
Connection: keep-alive
Referer: https://notice.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=2; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 10:25:03 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HuBRnCt8dZfxj%2BHGVUy41jBrqpgt32L5Np4bTAPkEa%2BwqEpYQrro5L5U4IfYydyzcKd2kspcVKDot50ZnTuJykLBcD5tOIcGDksNpV4RkmvOcJX3S5J3zVmmp8mAqWCKQK%2BBe6DbDy69RpDTJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a498ac40b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://click.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108698
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

notice.okaynotification.com/js2/t/video2/index.html

188.114.97.1

29 kB

URL
notice.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
29 kB (29422 bytes)
Hash
f6da507a38cbe2d9fa102d3f6a26db5f
9f6639cf958cf5e501cda7ea325c7703ee908dc8
0382880d1a9d8dbecd536d721ffbd7738c16e2f476b10c65d479979207190d2a

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: notice.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sms.okaynotification.com/
Cookie: jjj=2; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:15 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YaupYYUhbeEJVMU3ckvxTGqHqVJZFGz3HynQ4pFLdaqvqQqTW7be75GPLj0Ixa4boezD%2F9JzB2x2xXcXeN23suso1xyVskIspRJulwZrRJM%2BYXy%2FS4bmquReELARJa84j0KuQcOsYu%2FUSRyX3A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4879720b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

sms.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

62 kB

URL
sms.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
62 kB (62349 bytes)
Hash
7c28dce86184b25ec0874ff61684286b
904deee87170755eb416f855e6cde05a3c0a54b3
f9a2072e3b9dc164919a19382ebd95e110bf91f81947357dfd877878fd2dd7c0

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: sms.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: sms.okaynotification.com
Connection: keep-alive
Referer: https://sms.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=1; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:14 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Mon, 22 Apr 2024 08:22:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 646455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiI1JqIGbmCg9vceUQQUJ28UYzQCthxnfKbwZWMu1ml3JWkMirDtltKsxzQrBTU%2BR8Hbh1da5sEochOoMXn85h%2FkLUVt0uno1kDlv61IzMD77azoFB7UJxVcw8aj2ipuRp29GpgkSPufjmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a471fd60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://update.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553747
expires: Fri, 19 Apr 2024 19:57:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOslNoGw8jeGdM4YyNR9d3ULwdnwo1wemAx8sMUnT1j7wy1o1NaqjA6g2QuW8pqMas7cHAqXX9NEgAKvb0RJFyPFPleagdpNgwGohLkYvTWZrqKrfnvkGwPUTQRn9DfWt73FHq5z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a4f8fe3b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://update.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108699
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

update.okaynotification.com/js2/t/video2/style.css

188.114.97.1

26 kB

URL
update.okaynotification.com/js2/t/video2/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
26 kB (25457 bytes)
Hash
61fadcc0fac3d7335dd2800ceef516f0
7bc11bfe730f610c74351741706b5415a4a59fd2
65b1b23954405e06a63d48694adee3a33acb76c83bbd360c95aa8ec97feb6a98

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: update.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: update.okaynotification.com
Connection: keep-alive
Referer: https://update.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=4; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Fri, 26 Apr 2024 12:41:26 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 285350
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3jGnfHbXNQuxzgYRSQHQDT436Js8SsKQIIPXOhptf0xGfKDeBZGC1CkP2mqq%2B2jvUd3PDIJhaPsCW7H%2BZLpHNzWN7B%2ByagJmssrMx0HVLh7W0DIhfFu206ix6jKUpi1HHzOM4mHLx03CjCO9IA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4f89e80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

click.okaynotification.com/js2/t/video2/inc.js

104.21.84.214

62 kB

URL
click.okaynotification.com/js2/t/video2/inc.js
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
62 kB (62349 bytes)
Hash
7c28dce86184b25ec0874ff61684286b
904deee87170755eb416f855e6cde05a3c0a54b3
f9a2072e3b9dc164919a19382ebd95e110bf91f81947357dfd877878fd2dd7c0

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: click.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: click.okaynotification.com
Connection: keep-alive
Referer: https://click.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=3; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 10:25:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2B%2Blz42fjUtRCMfM%2FSpHZZ1%2BI0VVw7yDepdNnEJ%2FCadqcAnXC4SKN9lcS%2BnF7%2FG2mNxiNWIMJcGVOl2dHLslRB239WbqWp%2FsARl1FsIorlV4V3XwqWeAxUPP%2B%2BGOpixbj97zq11vczc3AM9WGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4d5b93fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://now.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553747
expires: Fri, 19 Apr 2024 19:57:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiMieb1e6EePSzZQq9pDt1IEyCC2oYsMGjI9MNLw8sYvfOtqyNTkVhUJ7IBv2qNa5cM5%2FEOImGEGkfUW7drJHB7HEbr9jzl2rRWs9Vcprj0YIj74mLo6s36UhDgRiEa%2BcJm3BuA8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a51cb4db4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://now.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108699
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

update.okaynotification.com/js2/t/video2/index.html

188.114.97.1

30 kB

URL
update.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
30 kB (30157 bytes)
Hash
7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: update.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://click.okaynotification.com/
Cookie: jjj=4; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:16 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VExketmBosXQtkibvKL9%2B1mHj6l%2B%2B91TEtTnqUtA%2FnJBV4%2FQrS8qWX5waSZj8YnmfvAWIP%2BHa%2BeKwDxCicH0bQweFlHvAJeY2nJOdAF%2Bt87xzQ47ypkwQJZ1K8awYFlXX4j7p864ZIg4jAtIlmI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4e78c40b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://now.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: qHO5bvUarTH4me/VejdBsRmI0MjPft0sCVqDwG2QT13MnULU42fCgZq+4IabHgL1F4RCwSMcuZc=
x-amz-request-id: 2N7YZ7KB2K7RFRX1
Date: Sun, 30 Apr 2023 19:57:17 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

now.okaynotification.com/js2/t/video2/index.html

188.114.97.1

15 kB

URL
now.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
15 kB (15031 bytes)
Hash
64cd8a1867e91682c7d219ca444c2f7f
a15cec5014d99d72fa2378719a3129088ba1b720
0f52ad3834d727629fc351028d2d74c10c5208cc93ab67f577d2983b44a57f6c

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: now.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://update.okaynotification.com/
Cookie: jjj=5; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:16 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF9P9jwYu6TtIr%2FklDtmWJzaWeHy32SA%2FBk6EydUEdSlDl01UTCDoaPIeOoCIyJcIILkR7CtEpmsN0yEoMpPDQidXp3M9lVrpRCcHGZFnvqIRwba%2FNHYnISyDVc40c9SblvUkREdUUyloIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a50cb440b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://read.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108699
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://read.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: exnoumPr3w9kEHp0sT1D4a/fhgsHB2aMJdFmHTzpASz7bSi13JGFVYYa3w0sMMOWZUYXOe4iqd8=
x-amz-request-id: 2N7Z97PZ1HM4Z95Y
Date: Sun, 30 Apr 2023 19:57:17 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://read.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: /+4TShIWCQXJ9N1jMykELvWB4p2TXchiPLFbhEpGcWJw/KexvlLOA/0403FuQGMrvbpR1HKBzI0=
x-amz-request-id: 2N7ZDETFVAZKJ5JH
Date: Sun, 30 Apr 2023 19:57:17 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

read.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

9.1 kB

URL
read.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
9.1 kB (9058 bytes)
Hash
e287b8fdd03afb692d6eed6e084e0632
ec545b22ce4ec45605951fda19d34725179d5569
2b18f62ab5514d86271b6c6915c793f45d4d6e16019461c818a37dcb175ef63a

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: read.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: read.okaynotification.com
Connection: keep-alive
Referer: https://read.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=6; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:16 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 10:25:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7O5Zvh0T9%2BpSrf3K3AOTXZqKhVczZbgz7ZKHIxn47eRPVe3HSIp8ezYaFQXfFVIbQmdm%2FKTPcsyTwY2d8UTKbKKC0dpal13bk0ICWY8l3yex28NCJR4%2FJ80JsPOASACQQrcR53pHjutbZ2ZO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a53eed60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://readnow.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108700
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://readnow.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: WHMqGI0+lGYeqVXDCh7KiXcM49xlck1+KoW78VTOLvPu1VnVjjQy7OHEnyMDF5QN9PNR2UfCGE4=
x-amz-request-id: VC7EFQDDM2ZPN4J0
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://readnow.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: hnP38xozawAZRT89A1fN42ZvD5CB44VmTb8cS5WnGgiBB7tubMssq3kcDEReU3+CzULOKDg+FA8=
x-amz-request-id: VC76FNZVGEFFSZ3W
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553748
expires: Fri, 19 Apr 2024 19:57:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ3UEGf9zu%2Fy%2FuSxfT6JFjoe2uAHHIUiPYjBF9nnBz8S7YpWK08N2Lna6CMXdS5yMiO3qzV5krqreIhKZAoh7HdosJnkUM49bE2%2BTy0lhakkDXWSZw3Glf00mTlSioiWxVRf94jR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a59492bb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108700
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: me1sA04N0r4SnVeNZP0qCmnswHE7v40MUM8BBphAZk++dHU3HZTNcCUY6z6DuQoygCPMB8IFqCE=
x-amz-request-id: VC7B1KCRH0P3KR37
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 43ib7SFNr6WGJXDrpt8BRnZxcL8hwMBritiMLbRZIWnyAGY12mXyZnxJ9Z7uG7DkB6bUc232wpc=
x-amz-request-id: VC70782040PYV601
Date: Sun, 30 Apr 2023 19:57:18 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://first.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553748
expires: Fri, 19 Apr 2024 19:57:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnxgu3GmT5%2Bg7l4FrvHHNnbvfM2NOvFs40OYI18uc6sjRaZrxRMsMuKkRtZhYyPg7%2F0gJ3SbARqhkHm%2FFk20rKm9LeF95JncdjKps9QrEQKT9xqkC9%2BZXWgsNXAZuwgTuWc7znN4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a5b6c7ab4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://first.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108700
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://first.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: HYOaOOO0lrCeNtW/UCCQ5HeP43W1okgzdsqrtsGf8UrBX18N6pbUgglF9DHmnPxq4OM7bSaJiD8=
x-amz-request-id: PJAJ5Q4E0ZZXSEMD
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

readnow.okaynotification.com/js2/t/video2/index.html

188.114.97.1

64 kB

URL
readnow.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
64 kB (63652 bytes)
Hash
84ac362d00cfbafe60336019f6887bab
2611fefcb0159f02d41fcd76b78a2eeeae11598d
e0687b6e563e1607b8e76a118a46e30ce8285471a2f8391fa25d398bf5ea3847

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: readnow.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://read.okaynotification.com/
Cookie: jjj=7; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:17 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYvxHhGxLv%2FUpcW7cYgt%2BeOcXc151clGlNHWX2aWkrlXoS1FrtT0KDOXYaaHlMyfqe6pmJDCnFU21AHvS8Uy16elJHRgeN4CwHs9KplY8BlmQkl6SokgvuHlWwjMLjHhu8oO4aMGKaMMErhyDXFw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a5518320b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://clik.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:18 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553749
expires: Fri, 19 Apr 2024 19:57:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJcU2Ncazy2Nc8sZJeozSWinlr%2BT1XgGI%2BFN0GXtlHZNG3hNWN5%2FAEE3VPdORTV99xv3o7ETiDtGu%2BLvRxE9fi77fjIwyb5pF82lS12wiqjt8TsYLQPysjhgICP61NlspaSE%2B1%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a5d6f50b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

unread.okaynotification.com/js2/t/video2/style.css

104.21.84.214

32 kB

URL
unread.okaynotification.com/js2/t/video2/style.css
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
32 kB (31756 bytes)
Hash
4ac054e85f072c2ebef15f8836a0df88
8afdc567c7671fad4243bf26d3afd1c2ffc0cbcf
80ddb63a1b4bddc7ab0b75737595ac1d3879c21738482b18807f31091fc8455f

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: unread.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: unread.okaynotification.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=8; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 10:25:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYrId0aXTqvtERRwdNbVOBQ2OUPPlLXk10EHLXmeHDt9LQyntHvvbfng9kR2t8Ods9UdmAVi7lHqSXzDrAiVXlZwni8IqEqbB3uKxudaP%2FmxUeruf8pNjjtU09bC63dQpQ5ucbPSh%2Fco5mkVDOU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a594f72fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clik.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Buv+v/QGuuQuWyJbxm4by0IToESDNQ/K8YwVIDQkAEKWUfQIsgJrjbnH35fL3bYehYa+me24TVM=
x-amz-request-id: PJASDRKF2N6D7KS9
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clik.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 9XC7Vb+gJCHA8eOYUfQguprj/sfCDwrQHqodgmp3KB9Kk+gHwXnBzdljPXpEAqFYNsOhmcW8uh8=
x-amz-request-id: PJAX1D3AFM2KY9TA
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://information.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:18 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553749
expires: Fri, 19 Apr 2024 19:57:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrZEl9A4WopLLhKBpEcG7DzJfn%2BHnNAHIGqlueJ94psK0AocQ%2FkUG%2FPtiSIiIdSXADpwh1tN6eR16hzS%2BWN%2BnAdmf7%2BVCYQ%2FE%2FEyLk6SLGxreFZgtKg%2F7SgOWcq5mXm9SbxX0FSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a600b30b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://information.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108701
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

first.okaynotification.com/js2/t/video2/index.html

104.21.84.214

30 kB

URL
first.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
30 kB (30157 bytes)
Hash
7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: first.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://unread.okaynotification.com/
Cookie: jjj=9; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:17 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhoKoRU5jqNSnjXN738TBJGKh%2FPosqHAZzBBBgxj6a45Aco3x%2BmxG5UUD2IJalrUOy2joymedq%2FZKON57lOmkJGof5wZzElAmbGYA%2BRKFCHy3QaYJp525VQxlwh3Z5kbyL5Z%2BctW%2F7b07QpJIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a5a5899fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://information.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: YRcMwf3Gg8xWiBvJeLapAoGsVj3He4AuyBqGMXPv408BryuBjMFu029q2RdzWPR29vraWzGS8e0=
x-amz-request-id: PJARTWFZJWVXN83X
Date: Sun, 30 Apr 2023 19:57:19 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108702
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553750
expires: Fri, 19 Apr 2024 19:57:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZc3UtlfV0V0MPb53EHbO3TGBbj%2FrkdCaQneKmyxNbbjS%2F6N2yDZFZ9PFqMjqrwrcnQyNits5ZOc5PvTr5L5hfL2Vi1nSZ2NwAj3CJzctg84pmH%2FXN5LS1CslzktTM0pZBB%2FdYzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a625868b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Yd21SY6N8FjuR0KkUEZ4rJhmrCmEyYBc3J7W/LuaMxuj2d9XOIX7zZ78kVlcCeK+FdYk0FV/6mA=
x-amz-request-id: DN8JJYF0KMTMXWM9
Date: Sun, 30 Apr 2023 19:57:20 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://important.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: QAknk0BLGhTh/oljBLMhdxUT+qFiJHQhd7gOtCGhVOqDvc1Nl8iQ76J2QEXJ8ergSGAtPE1DkbY=
x-amz-request-id: DN8YS2TRD239GETV
Date: Sun, 30 Apr 2023 19:57:20 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://big.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553750
expires: Fri, 19 Apr 2024 19:57:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roEusaW88t0SzU1jVjuobpqDEhIntnjsqooPUv%2F2dq17vF6aaQe%2BtQKTanJlVjvKj5gFCwC1VsoqWlShZsiyk8lJH0ua%2FBwu4ts%2FzaCIyH4CmlkvwxT%2BiBd93uVLQOAiqH8sZHv6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a649ce9b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://big.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108702
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://big.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: ceG3fkgdV+RCXCR2kFWKR9KShpKU9JuUD2b97PGdjPZ7dgnSyTfXEex2+lIRw/Aj0sjJAyjwXTI=
x-amz-request-id: DN8M57495HAFBR45
Date: Sun, 30 Apr 2023 19:57:20 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

clik.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

62 kB

URL
clik.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
62 kB (62349 bytes)
Hash
7c28dce86184b25ec0874ff61684286b
904deee87170755eb416f855e6cde05a3c0a54b3
f9a2072e3b9dc164919a19382ebd95e110bf91f81947357dfd877878fd2dd7c0

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: clik.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: clik.okaynotification.com
Connection: keep-alive
Referer: https://clik.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=10; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:18 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:50 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5e237h55g78TKwfJCsrVHmCdUzSse%2BP4kWwQXiB9wjHBpe4xWyB3q%2BC7BFmoV2UHW%2BrwmSq%2Fgmmj6Z8JZjxvMIQvJRtYT%2FE5qJqq2Nz4C9HeQh1bdf8809p21M%2Fw739NmvR9Ex2kmuUlSfx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a5d69bb0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://crit.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553750
expires: Fri, 19 Apr 2024 19:57:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNwdrmEk7qCtjl74lmsJ5s5OnC%2Fs0PDFJTtwVIl8wZSJDcfNpyFlk18RyHaUOyeoHoAEn5MSh0vVLRdpLE3jox%2FINWhTM8%2Bgom8QzZQyheRpUoZSS2KH9Ef33r4ZuQWsxYJ2ZJS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a669876b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

important.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

34 kB

URL
important.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
34 kB (34448 bytes)
Hash
d452447ba00b18822a2f6db40406f63f
8d08282dcd3d0ed1fc191fe94b2efa708f56e5b3
8412ec06e1027b221f1e5a6354e86f36a8c006b15b12311d63db35b51d043859

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: important.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: important.okaynotification.com
Connection: keep-alive
Referer: https://important.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=12; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyhQOSORD87TPsO94WUOwjdl0j26t7wiAAZeyfFHehbNu3BKm3r56PaZDblTd4EJ3qu9oxMXW7LGiVFIQjxPuha9J97mCA7sx1T2V%2FaGlmRTjTF48eMLn6IUXRgtnQInOVzoHvkQLvPfYc2zCgASK%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a625faa0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

crit.okaynotification.com/js2/t/video2/index.html

104.21.84.214

29 kB

URL
crit.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
29 kB (29422 bytes)
Hash
f6da507a38cbe2d9fa102d3f6a26db5f
9f6639cf958cf5e501cda7ea325c7703ee908dc8
0382880d1a9d8dbecd536d721ffbd7738c16e2f476b10c65d479979207190d2a

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://big.okaynotification.com/
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:19 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIrqvsvg4ewutw%2F7qmQH%2FXgW%2B17QtRheBi5lBm6D%2FxAU4pnFkU1L6UoBM9b5R6E6Dgsalwa%2FYR5LniJ%2Bn2fFnCjPo07jXVov%2B8U1yAC71Alfo%2BMrnk0QHfYITY2EP%2FQD3dgSzcQKp3BWRldo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a65bb22fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

crit.okaynotification.com/js2/t/video2/style.css

104.21.84.214

56 kB

URL
crit.okaynotification.com/js2/t/video2/style.css
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
56 kB (56230 bytes)
Hash
446f763128f9de2231529833843c0066
aef0c520d6e3933f132e69d5285e514b62362475
0056858631d29437477f09462ff55924738930607d9db7e550c4c68402a7978b

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: crit.okaynotification.com
Connection: keep-alive
Referer: https://crit.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 15:00:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgCj83gMWJE5FKGZP4ELTkJ%2FAobj%2B4TO9FhLXuVEu01mQUni8EZUd8D45nKsU1%2B59Aa16y3uJGdK6qUKW%2Fp9ak7JjUc0%2FkkiEEOf8u9n%2F%2FpZbywXuzrUFK6HOAdzXt3pOm0QeBKfY0%2Bdz%2Bi7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a669bf6fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553751
expires: Fri, 19 Apr 2024 19:57:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLQqWgrsNtvntMkmWCqeLJYBzGZ%2F%2BP3Em4O4NcQSUH5GqI%2FvuwZpRozbn8kWLMk3KJ2MMYkuh3BdEcQ1nsiYCgFpYZgJXn6J1CvU7jTNMwx8SV8Z79QzZG1wlxmGqkknM%2BnZP4by"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a68cc4fb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108703
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

directive.okaynotification.com/js2/t/video2/style.css

104.21.84.214

26 kB

URL
directive.okaynotification.com/js2/t/video2/style.css
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
26 kB (25457 bytes)
Hash
61fadcc0fac3d7335dd2800ceef516f0
7bc11bfe730f610c74351741706b5415a4a59fd2
65b1b23954405e06a63d48694adee3a33acb76c83bbd360c95aa8ec97feb6a98

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: directive.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: directive.okaynotification.com
Connection: keep-alive
Referer: https://directive.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=15; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 17:28:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDioMrTB%2BWmTfmhQOB6%2BlzEGGIOfU%2FmUOw%2F6wb4btn4C3ZKUzfbPoFKXpDsW0Y2x0IQ5MzmDk303JcCZ7Ua%2FY0WDbN8x%2B8g73nSN%2Fy7gTc%2FDg%2FHzLNy35ioKfRAsAZIEFNNinPMC6y2ryCRVqJ%2BLx%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a68cde8fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5xI3443IegE1jtJD/u/tMS4ORn7hchss63vxjhO2OT/w7/SBABmuG48uIEcb1nfWhO3nukn5Oss=
x-amz-request-id: RH6T0V2BKSNVD8XP
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

crit.okaynotification.com/js2/t/video2/inc.js

104.21.84.214

9.1 kB

URL
crit.okaynotification.com/js2/t/video2/inc.js
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
9.1 kB (9058 bytes)
Hash
e287b8fdd03afb692d6eed6e084e0632
ec545b22ce4ec45605951fda19d34725179d5569
2b18f62ab5514d86271b6c6915c793f45d4d6e16019461c818a37dcb175ef63a

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: crit.okaynotification.com
Connection: keep-alive
Referer: https://crit.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:57 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWrWo2r9OZpJKrVOjZ0iwRpljZOtTEstjX88LFCeia%2F9D4WC5IUIP5bEc%2BUVX0QQYVw0e8x6M1zB%2FYQXIxl9lHIeFhPUzS2WMnrPcgdNY7NjxPhquPRewVJQC9Lkhu6W0AMXhPsySZqOrC%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a669bfafabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://letter.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108703
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

directive.okaynotification.com/js2/t/video2/index.html

104.21.84.214

30 kB

URL
directive.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
30 kB (30187 bytes)
Hash
c56a08490cd2b83c9714b2452dc7416c
d9391f2533b209e2eb8b9f1972d4778db3ad675c
9bcf73338b495130ddf4e6f9849a670a23d82d617d04e643390194b08c82ab41

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: directive.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crit.okaynotification.com/
Cookie: jjj=15; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3GIp5%2BjsXJYWVepO4k1OM9UHVqS3uZpyTPuggkXbWdCFFQ%2FJ0pqf4WsYj0i9a2RTQxrdpyoXeMAKBvvAPbAInsuzmxhaKJ37f7WI6Tf75%2FmsXjfAscMyj4F4sHDLztwK9vtVCi1wmYy4%2Fg2B%2F3rLHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a67ccfbfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letter.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: KHM4kK4V3LXTNycDAgbgIqmDL0S4/n9zWix2/oDnIbaFaL+hmb+MTKQD1sbUhncuWb0EzD4DjZ8=
x-amz-request-id: RH6YEF57VVV8KHD8
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

letter.okaynotification.com/js2/t/video2/index.html

104.21.84.214

36 kB

URL
letter.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
36 kB (35721 bytes)
Hash
d56cc6d834dafc3c16a5b81b16c06b34
de53f4508f80241d2d0d451b9e427aac12b08642
c44a9fce2960f3b42f211bd48a37c501f2bb575adfc6ce4edf153f0f6b1cb585

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: letter.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://directive.okaynotification.com/
Cookie: jjj=16; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7w7KnSLsG1r%2FCblxlG14%2F8OWvqWtJLkp2V4GRjmeLwKFrHL%2FWzuO7fC%2BCjlTNdKxurrn6QM5DVsrv0yugzyYjDN9HiEt9pYsMR5hTQ1gb4PYTDEZZXcW2Ppf9jgBvUsYZY9gkfkuwlTxhy%2FuOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a69decefabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553751
expires: Fri, 19 Apr 2024 19:57:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz9W9SnXp%2Bf653SOWcCaKJRcwddIMzmGZEGUd6KLtZ4WpPePeaLxVJZZHprTJqmTps80f%2F7i%2B%2BzRXVuXizRtorQz7sMy9AEx0bW3ZWfPRxOZ5whgpmYGUS%2F6WBZa1NyyuhBzhbuj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a6cbb99b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: G1GwiGPCKvzZ4LmX9tOB1VkFmAr2HEYcc4Rnk8XUf6YlrHWFxOnhsA1q0xQJug0hyRWI1qMLaGU=
x-amz-request-id: RH6JQHCT358NPN68
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: CYUe/EbWtWs9M3d/mm+mykFVmZ6iXO6dV+cG39cP7WOPnN45uBZq/4I2p7iCOj3saJvhiPp8P20=
x-amz-request-id: RH6HD012Z7MFK3MJ
Date: Sun, 30 Apr 2023 19:57:21 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

memorandum.okaynotification.com/js2/t/video2/index.html

188.114.97.1

10 kB

URL
memorandum.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
10 kB (10331 bytes)
Hash
5b1a27a94112efc1f91e5b578465fcad
6e21149abfc451cf5b99d5d247afa66ee2bd9bde
64fc3c9df87d6d9f26745d52bd015f0949646d76c7ef03afe29a07d18432f13f

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: memorandum.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memo.okaynotification.com/
Cookie: jjj=18; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:21 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x35r6YlF%2FEM0%2BiTYEYfTVQoj2MEb9xjqmTgsh0gv2snuPxrFynXjoIqJQx4OmEXallz9rjb6rSnP3Bs7mjNJZClgDXP6g%2FQMsEgKe%2Fdjz%2BzIvMrBbeosqTofDyF3zwDRKyFIrARf%2BR60gsRMrN%2B1YI1A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6e0e460b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108704
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: iyiVsD+4oW+Z5VDJ+ah1IQGXyMAGtzj4pxaSYLuuBB7lntUWnbIeBz49AUCr0v0I/m/vtp590MM=
x-amz-request-id: N80HHTB8NE2606TH
Date: Sun, 30 Apr 2023 19:57:22 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

memo.okaynotification.com/js2/t/video2/index.html

188.114.97.1

31 kB

URL
memo.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
31 kB (30892 bytes)
Hash
1d018158b0da4b2c372da889143b7c83
f6b07baadcecaf3d861d15851e22aa4e6fc4afa5
a485d0653d9410bfd75d0f4deaf611651872e8a8ac8727dd92d9c7ed3b498491

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: memo.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://letter.okaynotification.com/
Cookie: jjj=17; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bbLYwAyfIZaeVFsOh4p3Bvwji%2F6j1yYtNJGU%2B47nLWoEBRPugH8ArLFjxd6Mmkp38fGQRK4ELjPCj2AmsKFsaIiQWZgoXAlRrgtIfF7Ea%2FMsqTevURy%2FR9TMnKgbcVA4vjHbVX84%2FJ5GX%2F9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6bfb610b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://news.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553752
expires: Fri, 19 Apr 2024 19:57:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VW2BxzDYMnP3DhuW%2BMZFoIUF5O2H9Fa8m8Y6Fcwgq6Eh9I1v48SwlUUuujsNEf37nAtpvQ0s9q2MiULEX7mr7b44%2FmPVZOLvFk1YYE%2FdZz9NcZoUKvC6H91dmvwruA4%2F2REpUnv7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a70dba3b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

memorandum.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

34 kB

URL
memorandum.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
34 kB (34448 bytes)
Hash
d452447ba00b18822a2f6db40406f63f
8d08282dcd3d0ed1fc191fe94b2efa708f56e5b3
8412ec06e1027b221f1e5a6354e86f36a8c006b15b12311d63db35b51d043859

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: memorandum.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: memorandum.okaynotification.com
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=18; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gs%2Fp1ogsdnXvwb6vQocvSel9p7zFNrTgrKSWYIoffjYveTtciVEQC9l8d7ZrLdwVs0RHxHqRrztkeAYLTZRY5P0ltiRjKOE1bMMavVF68S1Dp%2BUQLT14uKRjccc3f%2FgJJ%2FheVpJ2oKjpUmFe13xOyPl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6edf180b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: +AYlEzuFqvRPri9ZE/3sYISqOOUItXh3bGbZaLUyz3W4r2n+lSITT0IBQLilPBKbtY1T9rqnciQ=
x-amz-request-id: N80SS24P7WNKTHAW
Date: Sun, 30 Apr 2023 19:57:22 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

news.okaynotification.com/js2/t/video2/style.css

188.114.97.1

56 kB

URL
news.okaynotification.com/js2/t/video2/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
56 kB (56230 bytes)
Hash
446f763128f9de2231529833843c0066
aef0c520d6e3933f132e69d5285e514b62362475
0056858631d29437477f09462ff55924738930607d9db7e550c4c68402a7978b

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: news.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: news.okaynotification.com
Connection: keep-alive
Referer: https://news.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=19; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 15:00:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WR2pBiKW8AybpmUGF%2BqbQjB16iyh4T%2BmDYlhPRZAxOWMb9VIL03PcVKKA8Pjpg8EMJUxnHThdblxV%2BQYWRHFbykbKQldp6gJ39umWLqiKr0%2FMs6Z3fvhsr5vPPEEJa899tV32Ipm6grGWt8k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a70d9f80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

letter.okaynotification.com/js2/t/video2/inc.js

104.21.84.214

12 kB

URL
letter.okaynotification.com/js2/t/video2/inc.js
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
12 kB (12485 bytes)
Hash
21381d506f7bf0633a2d53c810629571
9bccfe5aabb0478fe1f98a4fbb6d633b69a6190e
874edb502239ed75e62a4ea8d76cf79c41f8d4078555b0f257a7e4774eeb8bf7

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: letter.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: letter.okaynotification.com
Connection: keep-alive
Referer: https://letter.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=16; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkwN33KJ5LfmB5hOQ8EbivDkD2BER2koTLMe24x3%2B37X%2F6Twel6Aw5MbJe3qd7Kj2v42xuTLuXojxCO9ddjKk1V07p9VOUb6miRkeMHJmWwLP01c57BrSEnuRrU2W7tioQMS4IaRx%2Byb4P3owQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6adfa4fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://note.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108704
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

news.okaynotification.com/js2/t/video2/index.html

188.114.97.1

35 kB

URL
news.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
35 kB (34857 bytes)
Hash
e99118478f506f81f83c4bcb02af6714
24fcf6c78b5e3054b8c7e6e2337d6e30c9d93cfc
5765d6c612b52ecebe42ffc2ac10d5c61273ef52b799c5b367bed5143a850607

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: news.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/
Cookie: jjj=19; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:21 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLAcwulE%2FEFnsiHiTrGzfvQVkT0mKVu%2FvtBKJZCRwUu2mmgg%2F6WWAxEYihJrgipDdXAWsjnQfRGUwQPYKhWVgR9F%2F5jdR4hFJ59FrZh29jFPX%2FE4J5DcUrWFl5TfoyVPJJqlqrdqvIbNlNhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a7029220b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://note.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: VYgzVhEkf+0Lvk7y43RzKDUqYrFJTFa8WceBPyf1NubfBgVnJTFuWyJ3Q5K83mpQAIwP04fc+JY=
x-amz-request-id: N80P4APYHXE4C7T9
Date: Sun, 30 Apr 2023 19:57:22 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://word.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553753
expires: Fri, 19 Apr 2024 19:57:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeOVSYXStmcSJJqY%2Fn7BA6ydr2beNlfpcFhPR4tuAZzfSgsB1%2FVTdD0d4Ta7OR04V2BFsoNIviQAg5hE0X5NyN5jmjnsikfk6ggjXThKvcmy37Z87KBKeJYDbQI8f7RX8kYx0CQY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a751b26b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

unread.okaynotification.com/js2/t/video2/inc.js

104.21.84.214

34 kB

URL
unread.okaynotification.com/js2/t/video2/inc.js
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
34 kB (34448 bytes)
Hash
d452447ba00b18822a2f6db40406f63f
8d08282dcd3d0ed1fc191fe94b2efa708f56e5b3
8412ec06e1027b221f1e5a6354e86f36a8c006b15b12311d63db35b51d043859

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: unread.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: unread.okaynotification.com
Connection: keep-alive
Referer: https://unread.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=8; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:17 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 10:25:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 120731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0htYvBBN8jF28GaqQkDD8G9pQLOsaTLqyR1m8DkJMBzrxuO%2BZMlhsICbTybiNx7TE99HqDd08K1gJB481tuCg8ybVn6kWzmTfxbLWArqwimpDwc4p2I33EvlsVx4ljxucDS9FLPrUxemzh4WUNA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a595f73fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

click.okaynotification.com/js2/t/video2/index.html

104.21.84.214

30 kB

URL
click.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
30 kB (30157 bytes)
Hash
7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: click.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notice.okaynotification.com/
Cookie: jjj=3; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 30 Apr 2023 19:57:15 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:15 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vbwx8L4vORBoAyL1PB6fbxSxJG1U3MmE1r5DhbxXmEJKSvP%2Bzvm7dfL3pPCJBLKYP%2BBCf0dx2nXtbV%2FuwCmqt0jL4PtFdO73zHz%2FK957AaDy9pRwUTB8jkiKhFAZ8bbIP6MUIcsR19DY3qR9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a4c6f5bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

word.okaynotification.com/js2/t/video2/index.html

188.114.97.1

60 kB

URL
word.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
60 kB (60225 bytes)
Hash
291bf03d15a76f032f9ebc22ffc5675c
b1b8d9247783d0c7dbe9c2ea154f1d3421561988
22662f082136316da80b89bc6b6c6d28bbd720f53c4ee51c67a2ef5c09b55f96

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: word.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://note.okaynotification.com/
Cookie: jjj=21; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:21 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BdnnZFQ3LlxNP8SOg8%2FWArrDYG1BJ2mt%2F3vX2pZdHZQ9kcML0stY0kcVZxkSRa7TVmku0SXAn%2BH2Q0L1FuUiughVjBaUgtg%2B9C17Aj8nSjxoUXEnzb7X4LsJjTDf1BUt4F2RfOQNfEohTuY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a73ed7f0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553753
expires: Fri, 19 Apr 2024 19:57:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1NfAx3UUkqrWtPcyoQId2M1XeC0Vril4h7Mu1iUaGsP27F3%2FkPNVmhphlR7ZcIYBIlQr6%2Bs2tRbouCb6qijYdnlrmyWnYAOC2vHgfP995RNY4hLaVG%2BBqxvOnc%2FLfOVIaFSxCDh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a781872b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108705
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: NHjj7K694SKO8KTG4kWSsRnHDSBK16lSqQH6IX9yNkGhzn178OsYy8yn1YH69X+KIbESadOUwCo=
x-amz-request-id: K4N25HDV4KJDTH8Y
Date: Sun, 30 Apr 2023 19:57:23 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cannonball.okaynotification.com/js2/t/video2/index.html

188.114.97.1

30 kB

URL
cannonball.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
30 kB (30157 bytes)
Hash
7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: cannonball.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://word.okaynotification.com/
Cookie: jjj=22; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:22 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnQmKemJ4ii3t9zhTz7VDwn%2BmOh%2BmoRXdcY7A4hGiPRicThTHiYSYLJJSK8x%2Ff%2FIlrY1slCFaJIJOPsM4QoFEz0%2Bwdh2ZAdtXNwVXpW9bzX7U54eTE8JtAhXGYC7Pvn8%2BmBnFVHNw5FXF0xmYd8yl3sc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a7668a90b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:23 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553754
expires: Fri, 19 Apr 2024 19:57:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl7uxKO7SIRsW%2BArvOXoEgtn6eS6bzRMq2fiIPPuyIbD0Czv6mIZ%2F8djUYQkiJEcFFW%2FU74xLZxa65UUzmpyyuAv%2F0djc%2BJwuFckQzkwWV3C0XCR5SlnmQRCKi5VN2ps2EHiYn8M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a7bbdd1b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: uf035pE8Fcfi4FkJcCiBfK0vRf+1T1VHjionlFcs3fmRDVgqQ/K9yZ+6ds2RL/jVUzILR6FDf3g=
x-amz-request-id: 5R3FN9H5DP2ADTS5
Date: Sun, 30 Apr 2023 19:57:24 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

word.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

59 kB

URL
word.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
59 kB (58922 bytes)
Hash
4dd768e4bcb420c52e6df1122e041b14
033a248325d1c6bcc2a7427e349716aa7855c32f
36f52bc449a96c0b44a07ad23bbf42d0b146294ab19ce7325f431fae6bff7800

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: word.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: word.okaynotification.com
Connection: keep-alive
Referer: https://word.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=21; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 15:00:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BmtKpkZ1oK0auMAt0kKtpkFlqO72SOTpD%2Ff6YCmNU%2FULXXSsLBTz50lBmwXcNpMf%2FbmuCdEmpPaEG1dV3K%2Fns7oe76VWEV0DHZJ0zx8VPmI%2FxqhgNG4%2F16H9WDBsONHnKraFmmP%2BtnlLcQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a752ed10b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108706
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cannonball.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

12 kB

URL
cannonball.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
12 kB (12485 bytes)
Hash
21381d506f7bf0633a2d53c810629571
9bccfe5aabb0478fe1f98a4fbb6d633b69a6190e
874edb502239ed75e62a4ea8d76cf79c41f8d4078555b0f257a7e4774eeb8bf7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: cannonball.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cannonball.okaynotification.com
Connection: keep-alive
Referer: https://cannonball.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=22; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:22 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:29:02 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucYHtK5C5cvtsranYgRI31hO7NU%2FyvptV4tLkd7OOTH4EzZn5WhjupRBnfABkIHl610aWT0EaQ6n48Geto6%2BKaVb5WDldRPJhpjzNGJC%2B6pIpAM1Z0YoPLreuc6uyIJLz0kBQ5KhMBiahkEG%2FXkTAN%2Fx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a784af80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108706
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Prsc2afGQxqcG02iWjv2lB0sMNgRmgKTbGPdDerkAqMOjFVf1Zdh49SHzbaRk2g4skAov7Cnu2M=
x-amz-request-id: 5R3EHNTVFX33GAEW
Date: Sun, 30 Apr 2023 19:57:24 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: jmHf08TQ3wU6mXbAluZIbcigXTax6Nw80gViXhKjikzfLVVcNoOUQzqqvAbhG55dzj6gI/NsU5Q=
x-amz-request-id: 5R3399CMJ5DSY9CD
Date: Sun, 30 Apr 2023 19:57:24 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:24 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553755
expires: Fri, 19 Apr 2024 19:57:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMWbcc406qCDZrL6yN3Jg%2FlYmX%2F0Lpl8cFE4hRlu%2Fb18HGf%2BENg8N7USzDA%2BrNTEKtp2i1nrjjwmW1pY0ecXdTxyPmfLzgn7uXUt3or0OVD5lOnTzR5yqiX25aXun6RL5SrFuym9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a83ca05b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108707
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

warning.okaynotification.com/js2/t/video2/index.html

104.21.84.214

30 kB

URL
warning.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
30 kB (30157 bytes)
Hash
7cf634d9c4487f1eb951466235d9d43b
f8e9a35ce875910132b06b6da86d71254e1f35b4
2a1099b9552c14808f72c7bfb6569086075030ff9c983979d1a9ee9b8f42bba7

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: warning.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bulletin.okaynotification.com/
Cookie: jjj=24; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:23 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:23 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJzSijDD%2BY3LqE4UiEVLSrO2r1xG%2BoU%2BNAgWf1tMMROO9WmWQFglr8fRRh0v8%2BUsIuxwp%2FXGaJLwZJGLQnkrQKHK9Elyg%2BHRv9Wl%2BOTB%2B0R0KW30Mh2okhiTWqAFCfs1Vbi3kJ7M1VJ3%2FyXnLO%2FU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a7db829fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: +fwie0Ghs3kYsPB/8ZkKZRkBqtTP1b6KwSt39DznnJ8olSrQxZDRbVLKJpkt7cATMmezEVaHt1s=
x-amz-request-id: YPVH2PTTHSQT32F1
Date: Sun, 30 Apr 2023 19:57:25 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553756
expires: Fri, 19 Apr 2024 19:57:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUU8pwb2hjc0rmDx6N7Pj4BwrYYzXKMmfDmUAsXSQgymEJvY7CFYEX0x3P30ij0%2BoyDkkFih2155gzAO4Vd9U3tE5X6f%2B6H9mCYnL79PaYfxW2fY4G8Eb2zwzSGoJmM65NgLh5uG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a877fefb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108708
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: eCsJYhKgVXE5ylyWyEcYjARvwxCRK3hHqpRyU5GSy4ZyFagdPc0ftSU4hz32G11uWZjjRvhwCjs=
x-amz-request-id: 3DC3W8T02CW0ZQEP
Date: Sun, 30 Apr 2023 19:57:26 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

communication.okaynotification.com/js2/t/video2/index.html

188.114.97.1

60 kB

URL
communication.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
60 kB (60195 bytes)
Hash
39c33794b92185d0b18ba56916f9695c
6b237ffccced85682f409a926ca0e34084f0d293
20272a89bf8047590a1c8590b5bada0c2bdf7719595c520654c51cd4aae34ec2

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: communication.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alert.okaynotification.com/
Cookie: jjj=26; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:24 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:24 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZD%2FfKZOGqJVZrjga9O4dExmKoS2I%2FAVKnAtFC57TqjOI0GMvEjgvAu89aGraTz9infmCpZ48NWlXiJJM6wX7jlKVDSGqVrrEd%2FKtZi7vVNHo42MaKcS35lm2gqtFUHfSHPZvaYwyW13PtJXFlBF4luFvK5M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a8589460b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://communique.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553756
expires: Fri, 19 Apr 2024 19:57:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqSoRS0M44gDwMsFPSynfo9tkkZq0m00t64pyw05b39wMQZxfJP0qE5L1%2BZqr%2Fx5OPMS1CfdE3zkvnvlSlsCEWJ2i9VmS1HhQdofATEavTaOrS19sD1ZkCsuYfvO3enPkQ%2F2vB9m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a8caf92b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

alert.okaynotification.com/js2/t/video2/index.html

188.114.97.1

36 kB

URL
alert.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
36 kB (35721 bytes)
Hash
d56cc6d834dafc3c16a5b81b16c06b34
de53f4508f80241d2d0d451b9e427aac12b08642
c44a9fce2960f3b42f211bd48a37c501f2bb575adfc6ce4edf153f0f6b1cb585

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: alert.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://warning.okaynotification.com/
Cookie: jjj=25; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:24 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:24 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHWH5qEXbQhqRBYUPDrgWKDRktY1wjKfPegBcBJGckpfFOz%2B2wacZba3wbdokHiFGUjOWKW1Ye%2FglJkt2OM4wz83eSBTiROlNHRkdYeI%2BEoC7e%2FwihWfkzHuSwzp17a%2BbV%2FtvQg%2FTQ2hX%2FYARQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a81ad020b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communique.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: xdve0AOuFxe3oLLHSbX9Spu3AbfV5XtnKfO7C7pQ50DalfyF9lrpQUjaSVzJ5shhIW9Tx5186Jk=
x-amz-request-id: 3DC6NADEG9BK219X
Date: Sun, 30 Apr 2023 19:57:26 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

communication.okaynotification.com/js2/t/video2/style.css

188.114.97.1

56 kB

URL
communication.okaynotification.com/js2/t/video2/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
56 kB (56230 bytes)
Hash
446f763128f9de2231529833843c0066
aef0c520d6e3933f132e69d5285e514b62362475
0056858631d29437477f09462ff55924738930607d9db7e550c4c68402a7978b

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: communication.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: communication.okaynotification.com
Connection: keep-alive
Referer: https://communication.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=26; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 14:43:12 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 105253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJzE1okbupLstTmvJKSR1LhTyL21QJSwPDRRp6hD3CFDpQPKeBvLRZNoE88cwn64m1FEi1iHOhTjzP79qGT%2F%2FJDvrZ2p1Z9GM23lez4SMs050pSvhvlUT47xrHd7HF7yL0%2BWF99mSwUCTMiNeqrPltw97y7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a876b810b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553757
expires: Fri, 19 Apr 2024 19:57:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brhAdBTljySXwvuv%2Fd4NxTv8AKidSAVQV56lOM%2FEcGqIXU3J9V1HjG9Pwhi3tCraVE8Cmdf9EysJ5eozXfUcmLnwl3lSSPclqnyYjsVGmb7OXrusM1qao7mI8Y80J8FrADPoNkId"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a8f6c7eb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108709
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 8HF9E76rB9ELFhfY8Z+pedAP+UjyNY+Wy8dFE3tr03U40jRGezWggW1XV2/Nqg59d0GYYKnBV+Q=
x-amz-request-id: CEMPXBC4E6FA72BJ
Date: Sun, 30 Apr 2023 19:57:27 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif

52.218.46.154

200 OK

56 kB

URL GET HTTP/1.1
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/unnamed.gif
IP
52.218.46.154:443
ASN
#16509 AMAZON-02

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 250 x 200\012- data
Size
56 kB (55495 bytes)
Hash
426e71e4e8b69c27ca1530ad8ea0f337
25491dd7883395b030d8e57364878ce642834e37
29439e6057faf7858a2ebb5844b6f2751386bd4c39648ea3c2c60d5e1a3f17f1

HTTP Headers

GET /cassandra/unnamed.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: A1upuRYdNPKkJ8XUlOPCFQJ36D93EYofO5W1NF9H5S0gbleoc3sXSysqzOXAZuRA6yat66ZMsXE=
x-amz-request-id: CEMHQ8Z0MAVCZ6DG
Date: Sun, 30 Apr 2023 19:57:27 GMT
Last-Modified: Wed, 20 May 2020 16:12:00 GMT
ETag: "426e71e4e8b69c27ca1530ad8ea0f337"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 55495

big.okaynotification.com/js2/t/video2/inc.js

104.21.84.214

12 kB

URL
big.okaynotification.com/js2/t/video2/inc.js
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
12 kB (12485 bytes)
Hash
21381d506f7bf0633a2d53c810629571
9bccfe5aabb0478fe1f98a4fbb6d633b69a6190e
874edb502239ed75e62a4ea8d76cf79c41f8d4078555b0f257a7e4774eeb8bf7

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: big.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: big.okaynotification.com
Connection: keep-alive
Referer: https://big.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=13; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 17:28:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t60IG1m9ONiYdGw8w0TLTe7fpYnUlt%2Fn2BdeJpmZL5kMscF4IfXjzewVpOmgA2M%2F%2BEai1V58PkPIQldB%2Bcuma38LRhNt%2F5Jyr0DEGIFc5%2FaNexp6bySf25lgGEZM8ar%2FrClT4z8VaW4p%2FMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a64aa1efabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://report.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108709
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

report.okaynotification.com/js2/t/video2/style.css

188.114.97.1

26 kB

URL
report.okaynotification.com/js2/t/video2/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
26 kB (25457 bytes)
Hash
61fadcc0fac3d7335dd2800ceef516f0
7bc11bfe730f610c74351741706b5415a4a59fd2
65b1b23954405e06a63d48694adee3a33acb76c83bbd360c95aa8ec97feb6a98

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: report.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: report.okaynotification.com
Connection: keep-alive
Referer: https://report.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=29; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 15:00:15 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104231
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAKOfb37hWhSbnATZxsWcxlTkgdhhDdMtt4rnYoW3an13T961IcG0k7GOLuXAHKs9zYtXa3sDeIv7UKIRcn4Q5KAv71tzZKCiPY%2FEnIBw6BmrZS7CCKvXHDFIm1DIKnX4zAgDrkQFAghJcdWy40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a92884a0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

declaration.okaynotification.com/js2/t/video2/index.html

104.21.84.214

60 kB

URL
declaration.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
60 kB (60195 bytes)
Hash
39c33794b92185d0b18ba56916f9695c
6b237ffccced85682f409a926ca0e34084f0d293
20272a89bf8047590a1c8590b5bada0c2bdf7719595c520654c51cd4aae34ec2

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: declaration.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communique.okaynotification.com/
Cookie: jjj=28; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:26 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHVeGVAMxi0thkw%2B7OKXreYEvgvQkRItLed0xBKspNwnWN%2FXgqCMnFsOW0S9E9HlbYFPFRtevqvHu5ed5miFfelVn%2BwM9pzz%2B%2FS6TBgccvuELpk%2BI4iqRjKP%2FFHK1QFZtXL%2FbXea7RUvuMe5ADiFw9llrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a8e3870fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

report.okaynotification.com/js2/t/video2/index.html

188.114.97.1

10 kB

URL
report.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
10 kB (10331 bytes)
Hash
5b1a27a94112efc1f91e5b578465fcad
6e21149abfc451cf5b99d5d247afa66ee2bd9bde
64fc3c9df87d6d9f26745d52bd015f0949646d76c7ef03afe29a07d18432f13f

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: report.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://declaration.okaynotification.com/
Cookie: jjj=29; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:26 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:26 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfHjPMfvN9ACENtnpMRrayFRVj%2Fe%2F04FjXUYpeC%2FTJ6mYNySVv3%2BII06XU%2BC%2FBD9zX%2Bx593jUZwN3QPTYGp01H1cx2va2PMoqpihsPztovwqqh8zoTJ%2BRqFtf5AcHWUGNpzakx7u9qRRYzNRS3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a915ed60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://statement.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108710
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif

52.218.46.154

25 kB

URL GET
mainstreamlp.s3-eu-west-1.amazonaws.com/cassandra/giphy.gif
IP
52.218.46.154:0
ASN
#16509 AMAZON-02

Requested by
https://note.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
Fingerprint65:68:E2:68:16:9C:A1:45:3E:AA:7F:E8:6C:8C:07:12:86:2D:DC:10
ValidityWed, 21 Sep 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT

File type
GIF image data, version 89a, 480 x 480\012- data
Size
25 kB (24722 bytes)
Hash
7e3fce0b52710d1cff60184ab6957570
44d0b8f01481a72a93da9a5b37898d15d33e6ad6
b0f4b9ef95abb8ac47aeea2bedfbcd0df609b82a1c6cb4f73497a3b061929074

HTTP Headers

GET /cassandra/giphy.gif HTTP/1.1
Host: mainstreamlp.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statement.okaynotification.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: FWLt9FVz6qdhjLqijI+3FMXdvr7vUYE8iGuHvXFe1vyOtfam3+4SMVEEJhbRs7AWF7cHn9WcRYQ=
x-amz-request-id: 0M13Q44QMW4HC911
Date: Sun, 30 Apr 2023 19:57:28 GMT
Last-Modified: Wed, 20 May 2020 16:30:23 GMT
ETag: "7e3fce0b52710d1cff60184ab6957570"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 24722

communique.okaynotification.com/js2/t/video2/index.html

188.114.97.1

62 kB

URL
communique.okaynotification.com/js2/t/video2/index.html
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1051), with CRLF line terminators
Size
62 kB (61665 bytes)
Hash
d7c4fbdf23dfa61b16cacd6d72903e05
f0e8239b2aec228a4fa6539d1cc589fd33a9422b
3512e8c2a28f64becae8740177b7115094275238d5022eeec827c10573ab9aeb

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: communique.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://communication.okaynotification.com/
Cookie: jjj=27; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:25 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:25 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raK8G5yaso%2FFO6HexEK%2BuWvPy7iPx7Z4pnYI%2BkfQ5ndtUjhDT%2FlpbSEemWd8xO8%2BAVndo31LF20oRI5jZuV%2Brqm9YDLYFsCSfA4TedvzNoxYDKCkdYlGs65g1PiFTyDudWFDSnZCop3w49W1%2FbQbYl3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a89ade90b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: cdnjs.cloudflare.com
Connection: keep-alive
Referer: https://release.okaynotification.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:27 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1553758
expires: Fri, 19 Apr 2024 19:57:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvlRJa2XXY9ZgDojNsFkC%2BlhedpNJnaMmn4fkgvNnbHL6MxYZwRXUgaa4IlsvogkXNBWW%2FdefAZpCw1xW%2FxIaniCu8hVtEUBOIDQ7q4IOsmRu66zTF2uXOmGTmPdtcU%2Fw9VzCnQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c025a97caf7b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://letter.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint78:8B:BB:40:DD:1D:5B:E9:7B:AA:CC:94:45:44:7F:FD:56:6E:E4:60
ValidityMon, 03 Apr 2023 08:24:24 GMT - Mon, 26 Jun 2023 08:24:23 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: ajax.googleapis.com
Connection: keep-alive
Referer: https://release.okaynotification.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Apr 2023 13:45:37 GMT
expires: Sun, 28 Apr 2024 13:45:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 108710
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

memorandum.okaynotification.com/js2/t/video2/style.css

188.114.97.1

200 OK

1.9 kB

URL GET HTTP/3
memorandum.okaynotification.com/js2/t/video2/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memorandum.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2214), with no line terminators
Size
1.9 kB (1946 bytes)
Hash
dd2ca9d687f5dc6385a6cdca0f6e65e4
1e4f737002517a67735987867e78919735a8184b
80e8328a1ec1663f25e52852041cffcefded5c9ca0d9a0e2a965a70443b197f3

HTTP Headers

GET /js2/t/video2/style.css HTTP/1.1
Host: memorandum.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: memorandum.okaynotification.com
Connection: keep-alive
Referer: https://memorandum.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=18; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: text/css
last-modified: Thu, 21 May 2020 13:08:20 GMT
vary: Accept-Encoding
etag: W/"5ec67d44-79a"
expires: Sun, 28 Apr 2024 17:28:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 95302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAH9L9zEbdHTs7Xw%2Bybnmp%2Ff%2FD4EMewAnWsTKdLfc2VUzBHqEstRKe%2FzfHt6ZCvTfON%2BAhyYRT8Wj0VsJE%2FD3LQMSnwW6q%2FaZ%2F2wig3pJYe1Zt9%2BWcwzvT6KLtA3Rk0aIPnnw7J6R2jDUS2Y%2BtyRC%2Bcl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a6edf160b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

directive.okaynotification.com/js2/t/video2/index.html

104.21.84.214

200 OK

18 kB

URL User Request GET HTTP/3
directive.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type

Size
18 kB (18418 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: directive.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crit.okaynotification.com/
Cookie: jjj=15; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:20 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:20 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3GIp5%2BjsXJYWVepO4k1OM9UHVqS3uZpyTPuggkXbWdCFFQ%2FJ0pqf4WsYj0i9a2RTQxrdpyoXeMAKBvvAPbAInsuzmxhaKJ37f7WI6Tf75%2FmsXjfAscMyj4F4sHDLztwK9vtVCi1wmYy4%2Fg2B%2F3rLHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a67ccfbfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

news.okaynotification.com/js2/t/video2/inc.js

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
news.okaynotification.com/js2/t/video2/inc.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.okaynotification.com/js2/t/video2/index.html#1=a&cinfo=eyJoYXNoTWFzayI6IjVlYzdmMmI2NjI0NDIiLCJhZ3JlZ2F0b3IiOiIwIiwiZmtTb3VyY2UiOiI0NjkxIiwiY291bnRyeUNvZGUiOiJOTyIsInYiOiIxIiwiY2FtcGFpZ25OYW1lIjoiV2F0Y2hNZWRpYTJOT21hZiIsImNhIjoiMSIsInVzZXJDb3VudHJ5IjoiTk8iLCJtb2JpbGVCcmFuZCI6IiIsIm9zVHlwZSI6IkdOVVwvTGludXgiLCJicm93c2VyTmFtZSI6IkZpcmVmb3giLCJtb2JpbGVUZXN0IjoiIiwiYWQiOm51bGwsIm5qdW1waGFzaCI6IjVhOTk4Nzk5ZGQ0MGYiLCJsaW5laWQiOiIzNjY0MjAiLCJ1bmlxaWQiOiIzMXg0NjkxeDE1NDM2NDRlYzgxOThiNGM4Iiwic3ViaWQiOiI0NjkxXzQ3NzUwXzQ2ODAxMDQiLCJtYWYiOjEsImNsX3NvdXJjZXAxIjoiMzYzOTkiLCJjbF9zb3VyY2VwMiI6IjQ2OTEtN19GWC1lSnhXYiIsIm9jIjoiMzF4NDY5MXgxNTQzNjQ0ZWM4MTk4YjRjOCIsImNpZCI6bnVsbH0=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
13 kB (13189 bytes)
Hash
9a9be219ee1af9949fead4edb3b92006
ebccab958c1822defac53ff518fe6feba81dff93
2ddf117c0bdd9df9cfe9776bdbcb7146341023d6959360705437d8ffbf7e43ed

HTTP Headers

GET /js2/t/video2/inc.js HTTP/1.1
Host: news.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: news.okaynotification.com
Connection: keep-alive
Referer: https://news.okaynotification.com/js2/t/video2/index.html
Cookie: jjj=19; u=31x4691x1543644ec8198b4c8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:21 GMT
content-type: application/javascript
last-modified: Mon, 16 Aug 2021 15:15:52 GMT
vary: Accept-Encoding
etag: W/"611a8128-3385"
expires: Sun, 28 Apr 2024 15:00:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S8GYxI692CIC96GTCKrlNwHERhtOBUNth%2F316WpLfkibQEDPZRKfGyGF8M%2F6%2BSz99d5QMfOIpg3duQD9PjLGXy%2FmSIY8HoQlls%2FIt2y5tjQZ6WxTf8DdVUQCeKdYHD0z3K1wZjQ%2BORDS9G3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a70d9ff0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

word.okaynotification.com/js2/t/video2/index.html

0.0.0.0

0 B

URL User Request GET
word.okaynotification.com/js2/t/video2/index.html
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: word.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://note.okaynotification.com/
Cookie: jjj=21; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

crit.okaynotification.com/js2/t/video2/index.html

104.21.84.214

200 OK

18 kB

URL User Request GET HTTP/3
crit.okaynotification.com/js2/t/video2/index.html
IP
104.21.84.214:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB1:D5:9F:E1:6D:C2:1B:25:B9:9A:2A:65:BA:39:DC:3F:31:04:4F:59
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type

Size
18 kB (18418 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js2/t/video2/index.html HTTP/1.1
Host: crit.okaynotification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://big.okaynotification.com/
Cookie: jjj=14; u=31x4691x1543644ec8198b4c8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 30 Apr 2023 19:57:19 GMT
content-type: text/html
last-modified: Fri, 09 Oct 2020 15:22:15 GMT
vary: Accept-Encoding
expires: Mon, 29 Apr 2024 19:57:19 GMT
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIrqvsvg4ewutw%2F7qmQH%2FXgW%2B17QtRheBi5lBm6D%2FxAU4pnFkU1L6UoBM9b5R6E6Dgsalwa%2FYR5LniJ%2Bn2fFnCjPo07jXVov%2B8U1yAC71Alfo%2BMrnk0QHfYITY2EP%2FQD3dgSzcQKp3BWRldo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c025a65bb22fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (146)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type