note1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://note1s.com/notes/4RPMBNO
Submission: On May 23 via manual (May 23rd 2023, 8:04:11 am UTC) from US — Scanned from GE

Summary HTTP 114 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 9 countries across 32 domains to perform 114 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is note1s.com. The Cisco Umbrella rank of the primary domain is 665163.
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.

This is the only time note1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	95.110.204.9 95.110.204.9	31034 (ARUBA-ASN) (ARUBA-ASN)
1 1	54.69.228.114 54.69.228.114	16509 (AMAZON-02) (AMAZON-02)
1	52.92.177.161 52.92.177.161	16509 (AMAZON-02) (AMAZON-02)
1	70.32.23.110 70.32.23.110	55293 (A2HOSTING) (A2HOSTING)
3	18.66.192.91 18.66.192.91	16509 (AMAZON-02) (AMAZON-02)
22	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
2	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
7	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	18.66.192.12 18.66.192.12	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.30 18.66.192.30	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	18.66.190.226 18.66.190.226	16509 (AMAZON-02) (AMAZON-02)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	54.154.153.235 54.154.153.235	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
1 5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
4 6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
3	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	91.228.74.208 91.228.74.208	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	172.217.0.67 172.217.0.67	15169 (GOOGLE) (GOOGLE)
114	38

9 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

note1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
traffic1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.110.204.9 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host9-204-110-95.serverdedicati.aruba.it

cdn.exmarketplace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.228.114 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-228-114.us-west-2.compute.amazonaws.com

activerain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.177.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

activerain-store.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.32.23.110 (United States)

ASN55293 (A2HOSTING, US)
PTR: mi3-ts14.a2hosting.com

www.davidmcelroy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.192.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-91.muc50.r.cloudfront.net

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-12.muc50.r.cloudfront.net

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-30.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.190.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-190-226.muc50.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net

432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.153.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-153-235.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (Staten Island, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.0.67 (United States)

ASN15169 (GOOGLE, US)
PTR: nuq04s19-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	223 KB
21	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337	308 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	46 KB
8	note1s.com note1s.com — Cisco Umbrella Rank: 665163	168 KB
5	openx.net oajs.openx.net Failed google-bidout-d.openx.net — Cisco Umbrella Rank: 2602 eu-u.openx.net — Cisco Umbrella Rank: 2294 us-u.openx.net — Cisco Umbrella Rank: 436	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
4	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 3592 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 22909	157 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 320	34 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	68 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 306	971 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	107 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 413	7 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3109	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 862 id5-sync.com — Cisco Umbrella Rank: 421	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1025 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	exmarketplace.com cdn.exmarketplace.com — Cisco Umbrella Rank: 76597	21 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	88 KB
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 686	372 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2334	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	897 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758	2 KB
1	traffic1s.com traffic1s.com — Cisco Umbrella Rank: 523063	6 KB
1	davidmcelroy.org www.davidmcelroy.org	37 KB
1	amazonaws.com activerain-store.s3.amazonaws.com — Cisco Umbrella Rank: 544332	451 KB
1	activerain.com 1 redirects activerain.com — Cisco Umbrella Rank: 403756	225 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	46 KB
114	32

	Domain	Requested by
19	pagead2.googlesyndication.com	note1s.com 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
12	tpc.googlesyndication.com	432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com note1s.com tpc.googlesyndication.com securepubads.g.doubleclick.net
8	securepubads.g.doubleclick.net	note1s.com securepubads.g.doubleclick.net 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
8	note1s.com	note1s.com
6	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net google-bidout-d.openx.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	s0.2mdn.net	note1s.com s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	note1s.com 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
3	432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	quantcast.mgr.consensu.org	note1s.com
3	fonts.googleapis.com	note1s.com 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	note1s.com
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	c1.adform.net	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	google-bidout-d.openx.net	1 redirects oa.openxcdn.net
2	www.googletagservices.com	432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com note1s.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	esp.rtbhouse.com	note1s.com
2	www.google-analytics.com	www.googletagmanager.com note1s.com
2	cdn.exmarketplace.com	note1s.com cdn.exmarketplace.com
2	cdnjs.cloudflare.com	note1s.com cdnjs.cloudflare.com
1	eu-u.openx.net	google-bidout-d.openx.net
1	cms.quantserve.com	google-bidout-d.openx.net
1	id5-sync.com	note1s.com
1	bcp.crwdcntrl.net	note1s.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	test.quantcast.mgr.consensu.org	note1s.com
1	ajax.googleapis.com	traffic1s.com
1	traffic1s.com	note1s.com
1	www.davidmcelroy.org	note1s.com
1	activerain-store.s3.amazonaws.com	note1s.com
1	activerain.com	1 redirects
1	www.googletagmanager.com	note1s.com
0	oajs.openx.net Failed	note1s.com
114	47

This site contains links to these domains. Also see Links.

Domain
click4r.com
anotepad.com
zenwriting.net
link1s.com
1shorten.com
kiemlua.com

Subject Issuer	Validity	Valid
note1s.com R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.exmarketplace.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-20` - `2024-05-05`	a year	crt.sh
davidmcelroy.org cPanel, Inc. Certification Authority	`2023-04-01` - `2023-06-30`	3 months	crt.sh
traffic1s.com R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh
cmp.quantcast.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://note1s.com/notes/4RPMBNO
Frame ID: 312BFBEAB4B51F59AEC570048D21570C
Requests: 46 HTTP requests in this frame

Frame: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=nJ
Frame ID: 921DF15867816F7AB572148085406568
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: 32B005FDBF9B7782B029039F4E2703C5
Requests: 1 HTTP requests in this frame

Frame: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B9FAAFA9ECE368408514B71432A9F44
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=
Frame ID: E036724C8DE8A3BF8CD1344D73CE6330
Requests: 2 HTTP requests in this frame

Frame: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 81E21ABF9357D16829E8E2FFE3FB2F8D
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGLelnukBMAE&v=APEucNXnT7umSuWS6lcHRDximBcjlnrTSonLrbYF3giWefzw15sj_AsCN1GYAhMPCT0O_An4awcia-ybT1ig3LoUMqmPIx73NO9M5SVzF-T_ic6R6j0sEog
Frame ID: 4CFE659DF8D865602E65EA5264F5CB40
Requests: 5 HTTP requests in this frame

Frame: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FBF1ECC3337DC61E90B2F5F48AD2E2E
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: 7EEDB0079AB8FFBB6B2D294621CC39E4
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 968CB4DC6CAC06AA8E38071C16483BDF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 21741043D9DE2B2B2F49AD645044D88B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59E8E76648A293AA12A13BB3D9404976
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: DE2324ED2E6DD03BABD5A4710248DFD9
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4320456394404654201/index.html
Frame ID: A7E463D7B153E84B83D3B5F7848DC272
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7ED08E97D32447D1B7B9B3167CAB22A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0BB6827EEF77C4E6271E1AB55586485C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Note: What Is the goal of Tin Foil Hats

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

114
Requests

92 %
HTTPS

0 %
IPv6

32
Domains

47
Subdomains

38
IPs

9
Countries

1848 kB
Transfer

4607 kB
Size

34
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://click4r.com/posts/g/9759405/
Title: how do you make a tinfoil hat

Search URL Search Domain Scan URL

URL: https://anotepad.com/notes/rwhnjs9y
Title: people wearing tinfoil hats

Search URL Search Domain Scan URL

URL: https://zenwriting.net/bathplant2/why-do-people-wear-hats-crafted-from-tin-foil
Title: how do you make a tinfoil hat

Search URL Search Domain Scan URL

URL: https://link1s.com/
Title: Rút gọn link kiếm tiền

Search URL Search Domain Scan URL

URL: https://1shorten.com/
Title: All shorteners in One

Search URL Search Domain Scan URL

URL: https://kiemlua.com/
Title: Kiếm tiền Online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://activerain.com/image_store/uploads/5/8/6/7/4/ar137407108647685.jpg HTTP 301
https://activerain-store.s3.amazonaws.com/image_store/uploads/5/8/6/7/4/ar137407108647685.jpg

Request Chain 58

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1&gdpr=0

Request Chain 72

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGxzd-EMtSqei-hh2Jg7nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEMEw0Ob0tQqVszexWYxMIBY&google_cver=1

Request Chain 74

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwMjIxNDIzODU5NDY3Mjk0Nw%3D%3D

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8502093648898732359

Request Chain 85

https://match.adsrvr.org/track/cmf/openx?oxid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1725630d-474d-47f2-8617-7228aec5d20e&ttd_puid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0&gdpr_consent=

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELDGC43CMbHdmZnEHsnl7tA&google_cver=1

114 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4RPMBNO Show response
note1s.com/notes/ 30 KB
14 KB 455ms
190ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs / LarVPS

Resource Hash

c8009b78a37edd82e2291b29e8e0872bef9b0684b31f97f4f2596d1f7ee6c96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 08:04:03 GMT
server: fbs
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-hw: 1684829043.cds273.fr8.hn,1684829043.cds323.fr8.sc,1684829043.waf1-node01-fra02.stackpath.systems.-.wx,1684829043.cds323.fr8.p
x-powered-by: LarVPS
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
959 B 413ms
140ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 06:22:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 08:04:04 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 396ms
140ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1047154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDYQSBwgIFVaDq0Sjgu3NYA6LffeTbpOfjMInm7KxcJw%2BUTye5OMcPgneIvz6kUOTMRF8iL%2F8dMoz65A%2FJjxWAiFPQPq6GwRDW0psQ%2Fn%2FwuOMY%2FGjQMNikT%2BvNZ4q0oGCt5XIucA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbbc936afc41c1e-FRA
expires: Sun, 12 May 2024 08:04:04 GMT

GET
H2 200 app.css
note1s.com/css/ 143 KB
28 KB 132ms
132ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/css/app.css?id=ebe28cb9d875b19bed6b
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/4RPMBNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 06:34:10 GMT
server: fbs
etag: W/"6459e962-23c92"
x-hw: 1684829044.cds273.fr8.hn,1684829044.cds323.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 27999

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 415ms
149ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129758818-11

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6b96a873c471652f2497fb867d90e2cd0c457d1f5e3ae2304f253711dfe2ae44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Tue, 23 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 May 2023 08:04:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 470ms
206ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5b13e5520749c82f2ca91fc49455b44aba44f668074dc5c3a0be8c139bce9f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25314
x-xss-protection: 0
server: cafe
etag: 210 / 19500 / m202305160101 / config-hash: 9567814645736669970
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 08:04:04 GMT

GET
H/1.1 200
OK note1s.dfp.min.js Show response
cdn.exmarketplace.com/bidder/note1s/ 56 KB
18 KB 585ms
154ms Script
application/javascript 95.110.204.9
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exmarketplace.com/bidder/note1s/note1s.dfp.min.js
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.110.204.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host9-204-110-95.serverdedicati.aruba.it
Software: nginx/1.20.1 /
Resource Hash: faedfeefc726ed56cbd58f17290f2ea5833f455f12098ebb287fca796a21eac2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 May 2023 08:06:59 GMT
Content-Encoding: gzip
Via: 1.1 varnish (Varnish/5.2)
X-Cacheable: YES
age: 0
X-Cache: HIT
X-UnsetCookies: TRUE
Connection: keep-alive
Content-Length: 17810
Last-Modified: Fri, 19 May 2023 07:15:46 GMT
Server: nginx/1.20.1
ETag: "e1e7-5fc06b0a13ea5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 927511924 870853169
Access-Control-Allow-Origin: *
cache-control: max-age=900
Accept-Ranges: bytes

GET
H2 200 logo.png
note1s.com/images/ 19 KB
19 KB 216ms
214ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://note1s.com/images/logo.png
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/4RPMBNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
last-modified: Tue, 09 May 2023 14:22:05 GMT
server: fbs
etag: "645a570d-4d27"
x-hw: 1684829044.cds273.fr8.hn,1684829044.cds160.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19751

GET
H/1.1

200
OK

ar137407108647685.jpg
activerain-store.s3.amazonaws.com/image_store/uploads/5/8/6/7/4/
Redirect Chain

https://activerain.com/image_store/uploads/5/8/6/7/4/ar137407108647685.jpg
https://activerain-store.s3.amazonaws.com/image_store/uploads/5/8/6/7/4/ar137407108647685.jpg

451 KB
451 KB

1077ms
438ms

Image
image/jpeg

52.92.177.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://activerain-store.s3.amazonaws.com/image_store/uploads/5/8/6/7/4/ar137407108647685.jpg
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: HTTP/1.1
Server: 52.92.177.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7be94252e155b8be9993b666eec4d0e53ea2da388b213d6fdd9ec27093884939

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 May 2023 08:04:07 GMT
Last-Modified: Sun, 17 Jan 2016 14:11:51 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:500/gname:nobody/uname:deploy/gid:99/mode:33188/mtime:1374071088/atime:1452755287/md5:52ff6f88e21694d4d099008dc15914b5/ctime:1434125888
x-amz-request-id: 6G0SYSGYN03BXXX7
ETag: "52ff6f88e21694d4d099008dc15914b5"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 461727
x-amz-id-2: EAhq/XV6h7tKaAd4SZY+lD2lvbnac3f0iKdcGr9CkXb7WEYSBxoQUYRITjHcJR/npZc6ovouAF4=

Redirect headers

x-runtime: 0.000768
date: Tue, 23 May 2023 08:04:05 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html
location: https://activerain-store.s3.amazonaws.com/image_store/uploads/5/8/6/7/4/ar137407108647685.jpg
cache-control: no-cache
content-length: 157
x-request-id: 7da87ea3964158d7f5c62cc646b01706

GET
H2 200 Tinfoil-hat.jpg
www.davidmcelroy.org/wp-content/uploads/2012/01/ 36 KB
37 KB 1034ms
231ms Image
image/jpeg 70.32.23.110
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.davidmcelroy.org/wp-content/uploads/2012/01/Tinfoil-hat.jpg

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

70.32.23.110 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ts14.a2hosting.com

Software

LiteSpeed /

Resource Hash

c75d7ae9e1e3e2237f11239ea4b9821504e59b57d49dd06a45c9e9995712d28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 22 Jan 2012 05:43:43 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 37299
expires: Tue, 30 May 2023 08:04:05 GMT

GET
H2 200 site.js Show response
traffic1s.com/js/ 22 KB
6 KB 403ms
134ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic1s.com/js/site.js?v=7

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

nginx /

Resource Hash

271f3b24a9e7bfe207729f336ba2b31de3863ca7bd35ec9de2916478eed8771d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
last-modified: Wed, 19 Apr 2023 02:38:34 GMT
server: nginx
etag: W/"643f542a-5650"
x-frame-options: SAMEORIGIN
x-hw: 1684829044.cds055.fr8.hn,1684829044.cds203.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5494
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
note1s.com/js/ 258 KB
93 KB 131ms
130ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/js/app.js?id=0e83dba9e8630f1a1f92
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/4RPMBNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 06:34:10 GMT
server: fbs
etag: W/"6459e962-40688"
x-hw: 1684829044.cds273.fr8.hn,1684829044.cds275.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 94951

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 486ms
200ms Script
text/javascript 18.66.192.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-91.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3d7664a9bc1602bae1581a2bb4181109516fb2ae83e439e272954399a8adb12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 May 2023 14:10:47 GMT
content-encoding: br
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 150798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Dec 2020 15:09:38 GMT
server: AmazonS3
etag: W/"c6ce2ec2de0e055e2cd4aa8901f10de9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: dZ3yYjjUL6c3hLaqfZfWyBz5u3Hlej1N3SeJVhJDjEiVj54lmADGtw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 446ms
183ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1188b9bcae8633f6136b749482f5abd5532a07f14b6f761e9beb93e11c42ace0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47313
x-xss-protection: 0
server: cafe
etag: 10104097163673690951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 08:04:04 GMT

GET
H2 200 / Show response
note1s.com/sbbi/ Frame 921D 25 KB
11 KB 224ms
223ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=nJ&sbbgs=h49f82f4e264b04ca6fa536176055380ce53&ddl=1
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 24ecd6070d1cc9f36f635b33bb346a5dfd2813390a4295383b2351bea0d38bb6

Request headers

Referer: https://note1s.com/notes/4RPMBNO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 08:04:04 GMT
server: fbs
x-accel-expires: 0
x-hw: 1684829044.cds273.fr8.hn,1684829044.cds057.fr8.sc,1684829044.waf1-node01-fra02.stackpath.systems.-.i,1684829044.cds057.fr8.p

GET
H2 200 /
note1s.com/sbbi/ 43 B
177 B 234ms
233ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://note1s.com/sbbi/?sbbpg=utMedia&vii=dh04b98f28b24f846e723694fb10d4ec3a161ffa4553869107d63015553338a0ncwes5p3
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/4RPMBNO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Tue, 23 May 2023 08:04:04 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1684829044.cds273.fr8.hn,1684829044.cds057.fr8.sc,1684829044.waf1-node03-fra02.stackpath.systems.-.i,1684829044.cds057.fr8.p
content-type: image/gif

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 260ms
132ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:04 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 983717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKLO83z8PZfkREhqyEs6YapafNPL5XQPf6nUSxO8dA1C2FqlJHKhuk3KPhtE4JLNfVVuxX0xXPUK0wTfkRK%2BrVI4Dv2ry7DyujJVTEYy87F1Uwrgl7b%2BbhkHPCmh1m1680l4nYr%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cbbc93898b06987-FRA
expires: Sun, 12 May 2024 08:04:04 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 14 KB
14 KB 405ms
139ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:14:33 GMT
x-content-type-options: nosniff
age: 265771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:14:33 GMT

POST
H2 200 / Show response
note1s.com/sbbi/ Frame 921D 532 B
471 B 143ms
143ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=nJ&sbbgs=h49f82f4e264b04ca6fa536176055380ce53&ddl=1
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://note1s.com
Referer: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=nJ&sbbgs=h49f82f4e264b04ca6fa536176055380ce53&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 08:04:04 GMT
server: fbs
x-accel-expires: 0
x-hw: 1684829044.cds273.fr8.hn,1684829044.cds336.fr8.sc,1684829044.cdn2-redis01-fra1.stackpath.systems.-.i,1684829044.cds336.fr8.p

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 414ms
145ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: traffic1s.com
URL: https://traffic1s.com/js/site.js?v=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 11:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 May 2024 11:51:50 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 4 KB
4 KB 163ms
161ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:16:58 GMT
x-content-type-options: nosniff
age: 208026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4252
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:27:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:16:58 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 12 KB
13 KB 159ms
158ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 18:24:30 GMT
x-content-type-options: nosniff
age: 221974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12736
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 18:24:30 GMT

GET
H2 200 / Show response
note1s.com/sbbi/ Frame 921D 7 KB
3 KB 146ms
145ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=nJ
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 9084081dd3b388cf26885b6c47441f62400c28582a1e19e80628e0037e986f92

Request headers

Referer: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=nJ&sbbgs=h49f82f4e264b04ca6fa536176055380ce53&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 08:04:05 GMT
server: fbs
x-accel-expires: 0
x-hw: 1684829045.cds273.fr8.hn,1684829045.cds057.fr8.sc,1684829045.waf1-node03-fra02.stackpath.systems.-.i,1684829045.cds057.fr8.p

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 398ms
128ms Script
text/javascript 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 06:35:38 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5307
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 23 May 2023 08:35:38 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 407 KB
126 KB 133ms
128ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128419
x-xss-protection: 0
server: cafe
etag: 9945815184239927542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 22 May 2024 07:46:34 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 839 B
413 B 430ms
164ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=note1s.com

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

32a7b9d9bf98f3969f628f02f2f0a72b1123e80c28f4683f1b0c787ca2220ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388
x-xss-protection: 0
expires: Tue, 23 May 2023 08:04:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame 32B0 10 KB
5 KB 427ms
136ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 49519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 18:18:46 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 18:18:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 151 KB
35 KB 433ms
157ms XHR
application/json 18.66.192.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-91.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 03:00:28 GMT
content-encoding: br
via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 18218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 23 May 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: C5vfIeigeEbdf_sWnpuErw5SfavhNyySRkRuzspH640Y562DK8k1tA==

GET
H/1.1 200
OK pm.js Show response
cdn.exmarketplace.com/bidder/ 10 KB
3 KB 156ms
156ms Script
application/javascript 95.110.204.9
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exmarketplace.com/bidder/pm.js
Requested by: Host: cdn.exmarketplace.com
URL: https://cdn.exmarketplace.com/bidder/note1s/note1s.dfp.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.110.204.9 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host9-204-110-95.serverdedicati.aruba.it
Software: nginx/1.20.1 /
Resource Hash: cddba030c45b4ea556c7ee07bb723bbffa04f0698d402b6a3274b0fde7e685e5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 May 2023 08:06:59 GMT
Content-Encoding: gzip
Via: 1.1 varnish (Varnish/5.2)
X-Cacheable: YES
age: 0
X-Cache: HIT
X-UnsetCookies: TRUE
Connection: keep-alive
Content-Length: 2857
Last-Modified: Mon, 19 Jul 2021 16:09:25 GMT
Server: nginx/1.20.1
ETag: "26d6-5c77c29471045-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 927574384 196611
Access-Control-Allow-Origin: *
cache-control: max-age=900
Accept-Ranges: bytes

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 845 B
419 B 309ms
201ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=note1s.com

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f245830476ff9812bbf15171fdfbb751b6280bdb3cf30067418bc50b6895ddc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
expires: Tue, 23 May 2023 08:04:05 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 135ms
135ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=292769700&t=pageview&_s=1&dl=https%3A%2F%2Fnote1s.com%2Fnotes%2F4RPMBNO&ul=en-us&de=UTF-8&dt=Note%3A%20What%20Is%20the%20goal%20of%20Tin%20Foil%20Hats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=829897477&gjid=1176161996&cid=1720071096.1684829046&tid=UA-129758818-11&_gid=638555028.1684829046&_r=1&gtm=457e35h0&jsscut=1&z=530109223

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://note1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 10 KB
3 KB 424ms
139ms XHR
application/json 18.66.192.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-12.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7174a8bff46f7c25aa0167fbf071096b488058459bf9d555ddd592ceea171804

Request headers

Accept: application/json, text/plain, */*
Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 03:00:35 GMT
x-amz-version-id: EA_SjBSkshypkIlfN0HhjKy2zyQuHOeN
content-encoding: br
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 18210
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 14 May 2023 19:52:29 GMT
server: AmazonS3
etag: W/"1b98afd5dc64e23911ff6ddbdf668803"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: jCGdp2SjA4g_5iQ_eLAf-uh0CMEyWrXk1t4iQZqBUKmAMlHVC6lWBQ==

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 412 KB
51 KB 149ms
149ms XHR
application/json 18.66.192.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-91.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c8fe5bc6a32607070351c84541e64d2e4178357e6f80e0e02c3d135c3f9752c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 03:00:37 GMT
content-encoding: br
via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 18210
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Fri, 19 May 2023 14:31:23 GMT
server: AmazonS3
etag: W/"d55beec764506f2a764ded1e0643a12a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: tyb30BzjESXfGeoySqwm6lUFnecWYQQHdQQpYwmixm0pQMO8N4H7hw==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 403ms
135ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=note1s.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 451ms
154ms Script
text/javascript 18.66.192.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-30.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 06:20:03 GMT
content-encoding: gzip
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 7715
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 1BIt9AzHb2vxBS9NLC4G7nIvAggG4LBoDqo0BsCB8UjBrkZS5o0Bwg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 409ms
133ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:13:04 GMT
via: 1.1 google
age: 3062
x-guploader-uploadid: ADPycdtyOh7XqpVIwPdrI2R58blQTWdDHuBM2_tHBVU2hgjD3Q6l5nNhNrk31-f64nssUXceggwgPUNS1yBWNQPhm3vkdQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Tue, 23 May 2023 08:13:04 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 364ms
118ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 08:04:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31481
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-mxp6930-MXP
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 692ms
134ms Script
text/javascript 18.66.190.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.190.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-190-226.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 May 2023 02:36:56 GMT
Via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 19631
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: _xFlIYpf6lPSy-ksDUUUndn_SaChryg8ILb_n958YUQMky8j-fO0jg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 410ms
139ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: RJG8P9KGT25NARJA
age: 43
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7cbbc9454d6e194d-FRA
x-amz-id-2: p9caGrESjWYwkHsxUB/95tSAMOAWdfigQO7CUyIVO+HkWK6LxeSkGY+AhjJC0xfpQ02CliLtx7w=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 471ms
197ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 24 May 2023 08:04:06 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 392ms
130ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:12:18 GMT
content-encoding: gzip
age: 204708
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 19 May 2024 23:12:18 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 194 KB
56 KB 572ms
571ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3064980139131816&correlator=727412018003972&eid=31073866%2C31074172%2C44777901&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=42150330%3A22558101590%2Cnote1s%2Cnote1s_Incontent_1%2Cnote1s_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=728x90%7C300x250%7C336x280%7C580x400%7C360x300%2C1x1&ifi=1&adks=4158959527%2C743653958&didk=2054258831~2102096968&sfv=1-0-40&ists=1&fas=0%2C8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684829046302&lmt=1684829046&dlt=1684829043944&idt=1415&adxs=436%2C-9&adys=2636%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1&ucis=1%7C2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnote1s.com%2Fnotes%2F4RPMBNO&frm=20&vis=1&psz=1330x0%7C0x-1&msz=1330x0%7C0x-1&fws=0%2C2&ohw=0%2C0&ga_vid=1720071096.1684829046&ga_sid=1684829046&ga_hid=292769700&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYg4yMvYQxSABSAghkEhkKCnB1YmNpZC5vcmcYhIyMvYQxSABSAghkEhcKCHJ0YmhvdXNlGISMjL2EMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiEjIy9hDFIAFICCGQSGQoKdWlkYXBpLmNvbRiEjIy9hDFIAFICCGQSFAoFb3BlbngYhIyMvYQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiEjIy9hDFIAFICCGQ.

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

996c93b54c7ec6736fb3b689d8cabdbb72f1b9b0cf2c76a4044f11e5129f09d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56983
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://note1s.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B9F 6 KB
3 KB 436ms
140ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:06 GMT
expires: Wed, 22 May 2024 08:04:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 36 KB
13 KB 127ms
126ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8029665c0154234ddf67e798de4c9a5cad358071f988aa1c1f84bbae930ed8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 03:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14866
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12848
x-xss-protection: 0
server: cafe
etag: 13833340073225968366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 22 May 2024 03:56:20 GMT

GET esp
oajs.openx.net/ 0
0

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 450ms
150ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://note1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://note1s.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 23 May 2023 08:04:07 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 29ee0c125d821bdedc2aeb020362d9a9

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 163ms
162ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a1ef847ce9c6963e18c0aafa4b63cfaaf5eb54ed7c3e1e3fdf977d9594498d96

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 May 2023 08:04:07 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 5a30ae5e99febcf044ba6971fb7bb9a4
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
529 B 504ms
179ms XHR
application/json 54.154.153.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.153.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-153-235.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fff4c136e7279ccc0b65eb8a46058367ebe49fccaf951961ae7cd76a13ca7c50

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://note1s.com
cache-control: no-cache
x-server: 10.45.26.55
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 411ms
137ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://note1s.com
date: Tue, 23 May 2023 08:04:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E036 15 KB
6 KB 418ms
141ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 636209
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 container.html Show response
432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 81E2 6 KB
3 KB 133ms
131ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:06 GMT
expires: Wed, 22 May 2024 08:04:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4CFE 645 B
526 B 271ms
265ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGLelnukBMAE&v=APEucNXnT7umSuWS6lcHRDximBcjlnrTSonLrbYF3giWefzw15sj_AsCN1GYAhMPCT0O_An4awcia-ybT1ig3LoUMqmPIx73NO9M5SVzF-T_ic6R6j0sEog

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:07 GMT
expires: Tue, 23 May 2023 08:04:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 81E2 78 KB
28 KB 284ms
279ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 23 May 2023 08:04:07 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E2 42 B
173 B 172ms
167ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChswvS5MpfsRvn0aXTiHxXoEA0-Jc8dxNA3zRAFMxajtSJABx8Lgw8yve9FAiHt5P6lV-feUfvdniOgJ31ScTZu503_QirHGRyriC3tZ9X6ACwGQk

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E2 0
58 B 172ms
168ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10696670262518457986&x=1&ct=119

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 81E2 3 KB
1 KB 430ms
142ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 07:46:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 81E2 19 KB
8 KB 421ms
132ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81E2 171 KB
53 KB 145ms
142ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 08:04:07 GMT

GET
H2 200 container.html Show response
432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FBF 6 KB
3 KB 130ms
129ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:06 GMT
expires: Wed, 22 May 2024 08:04:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7EED
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

520 B
662 B

145ms
144ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 72855a9842199d9f3f5c25040d437234a5fdbc7e68bf2e54ba82a1b5adbdfe5c

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 330
content-type: text/html
date: Tue, 23 May 2023 08:04:07 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 23 May 2023 08:04:07 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame E036 422 B
552 B 134ms
134ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=note1s.com&sn=ChromeSyncframe&so=0&topUrl=note1s.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

80ae08a21538f93c7accfb13a73a56ef098295b2a0b18e54badc3bc6bbe52760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1637845
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4FBF 4 KB
767 B 145ms
143ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 08:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 06:11:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 08:04:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 968C 9 KB
1006 B 139ms
137ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 08:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 07:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 08:04:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 968C 2 KB
846 B 141ms
140ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:21:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 968C 22 KB
9 KB 140ms
139ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 968C 3 KB
1 KB 197ms
196ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 07:46:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 968C 19 KB
8 KB 197ms
196ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:18:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 968C 171 KB
53 KB 155ms
154ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 08:04:07 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 968C 32 KB
14 KB 389ms
127ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 May 2023 20:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Tue, 16 May 2023 20:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 20:30:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame 4FBF 20 KB
8 KB 207ms
207ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 00:00:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4FBF 205 B
518 B 447ms
190ms Image
image/png 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 06:10:43 GMT
x-content-type-options: nosniff
age: 6804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 May 2024 06:10:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4FBF 604 B
695 B 447ms
190ms Image
image/png 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:54:01 GMT
x-content-type-options: nosniff
age: 36606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 May 2024 21:54:01 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4CFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1&gdpr=0

43 B
766 B

259ms
131ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGLelnukBMAE&v=APEucNXnT7umSuWS6lcHRDximBcjlnrTSonLrbYF3giWefzw15sj_AsCN1GYAhMPCT0O_An4awcia-ybT1ig3LoUMqmPIx73NO9M5SVzF-T_ic6R6j0sEog
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 08:04:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4CFE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGxzd-EMtSqei-hh2Jg7nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1

43 B
766 B

130ms
130ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGLelnukBMAE&v=APEucNXnT7umSuWS6lcHRDximBcjlnrTSonLrbYF3giWefzw15sj_AsCN1GYAhMPCT0O_An4awcia-ybT1ig3LoUMqmPIx73NO9M5SVzF-T_ic6R6j0sEog
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 08:04:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECc9r0sVB7OZkzIhMr3CF00&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4CFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEMEw0Ob0tQqVszexWYxMIBY&google_cver=1

43 B
1 KB

149ms
146ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEMEw0Ob0tQqVszexWYxMIBY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEMGZ6MsDGLelnukBMAE&v=APEucNXnT7umSuWS6lcHRDximBcjlnrTSonLrbYF3giWefzw15sj_AsCN1GYAhMPCT0O_An4awcia-ybT1ig3LoUMqmPIx73NO9M5SVzF-T_ic6R6j0sEog

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 08:04:07 GMT
AN-X-Request-Uuid: 81365f3b-1b62-44bd-8a7e-9cdc8f78a308
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEMEw0Ob0tQqVszexWYxMIBY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CFE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwMjIxNDIzODU5NDY3Mjk0Nw%3D%3D

170 B
188 B

138ms
138ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwMjIxNDIzODU5NDY3Mjk0Nw%3D%3D

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 May 2023 08:04:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.129; 91.239.206.129; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8b074918-0e60-464b-8b84-5490607b4e20
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTgwMjIxNDIzODU5NDY3Mjk0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E2 0
20 B 163ms
163ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8703505526850&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E2 0
20 B 166ms
165ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8703505526850&version=m202301230201&ct=119&x=1&cor=10696670262518458000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 81E2 83 KB
35 KB 178ms
178ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxEMDdj8KTqmLj8BkItLS2iPiboSNvWjd8AZ_8dSavvcNm67pWycEy4AhSTMGCJJ41O2D_GvmEaEBe6TP3bVFIuWWpsfie9o4FS-Uk8xKaaLgtRy4NECqlur9GbSetSgPZC70aNtH6H7zsIxU7JSDy5TpFOliYjgL9tr7LSx7WUbDOxzwfVc1dIjmiwx25UQB6hoeD&cry=1&dbm_d=AKAmf-BCqiyoOsPPw14YhAaN_mqJ_2PopE-sTvc3Cxa91OWcACogI7c2rehUAq3qgpBPRFMtyvBuMwqPsKGjDWiZYWflgtjcgAIzVslz9SjyvhhxXHq9Oz5AFCMhsrW4zQA-qSkuHYRXnqympugs0866Fzsb5pgPBzSbNX4d1gw4fFE8grECT8mcwuzq4bdyslhPOD2a7W2mDK96-uTlHNifn5MpsFcVdR6AlN5wELf2sPUi1mggv0XivfPWVrQgr33gyy5suEEusaC8WttFRsmqdh5-OK7WCudnqn3Cwt91zgkdOPKuoWfpSH4mfWZspXns3IoQrWiUKB0G70TU2sO9xii7jCmQRp-EU2xLNUNY5O1T3aFK3I-hl_34qdX5NmXYWUf90eEaWnm8HbehV_1JuHVEK5gjhxThY3old3Oa4Zub13nAR4nnhzkiHCEDyB4W-SOGVWrGUOPHU9Hf8b3OjggCiZouHExfMwjjJTBSqRcIVsJS78gHSbN2f9DUeyTkULeHm59ac6tCIqKZ4tzYLAbvI0nqSTHgU-_77JxLANJocC-7zM3YfkD0-4_R6xluvydVLMRxP-o2qlXVIwWaEdHmcC4mpiUlBWY1G68PXM4_RfaylFEJGns3PpOGcg5Dh5ntYgawNAuFa2Yst4rc4fW0yGlebQFSeCLPCvBt2SvPUVdvhO_slm8IbEgOhdyQO6r2tWHoYVa8Y4d4Jc1QJzgs3Sb_wI3jOfA-uoJXRcZD85elRfVvK4xi2JZucdr0RsjuMgpEG1v_VK2K9qkPfoy-AC-vw8Uy-T1kZwOzoAcK-QEFZ_WdTt8jm1NOLKkI-KlBdLTn0Q59AiZRJaDQtDWYuy-0QJs6ymQP2exlLOuB-lJRkyQau9o52gvoobcPr5WdNAwXF6yu1oT1UsNPQy5btkVDHCXXIVTBAqHNGI8xv_tPWCOM-k71Vrs9bTN5VT5XIj28MV9nVwxjXfEA1DegwvfT99irCsYbYl3sfrHjTnq03WTfjlySHPeUcAUfJZho1Z0YYK4Y4LKYQhiO-IjnRhSFMscbq1OUVsC_lMKpVugLXnX7jIh1XJnT5MHPxH5s8lZLuypJmFEsF207vAsM0bkfPaRpWi2dnkGokwHUgbN1W2-SpIGTpVAOMYO66faVscztmEETcf7OGJV_fUlZHoOvvlNzQw_HT0Tikv4DmzBLYgAm6KBlRZuwjrU68wsELHQj2tcpzuzhyvsAUJ-0-PPb6z_rwydDJNV4KjQEJuRySzCv7xFwYr4uNZZxGEUoskR1eUjKQFfG3w-Bh7kjIIKVUlx9SWhPo4LkajOk1YVQafCWkd-VR9ylA0wx4czcDxLdl4tIGPIbiSkKeTpXsUqkCYqr2TC3RxmqW8RN1HylJYEcMOBYwmIviYCqAZlkq28ZdRO2ZmXTEDxyIyOGPUEBo6sH7dF8n8HdU1DZ18jqa-n1s8o5zncoAbK7s1G8Q4Kw9tDpIOdeZo3LiDaY4jT8xeCnuuhaAsZiRI9yuZds85jaFUGxGYVnFSlM_qIDpQuDLwYd5yUlEzJOGbMQJA0G-M_mu-wROzvBxBDkia1RIYVxTO6vXbugr2hl7yBVALgVSc3SnRXDbQQilTU5U6mePTZHDm52tVp6HCVVxR397gy8sqBCNqPDhs8zx_iU6Fq_fDCZMrKNSppNNOw-QQzLAaf37Nyo29KqvubWAVarDEhwfrMbSO-tcCS6qLbN9EC0ev_rYV91TzZw5fwDV4h-pO-dGrusyINVTyjgrfNXn7d3s_yTT2uqBI-rG24FKDZmAZ3qZ2_A2uuKTZjlb_nv6H2nb_81ESsZr1PBtxNFPkpWU3kPfWAO2zXfr7lQm_2N1KB9chnRk3_CV8INnlQsZdsyqL98Y1A08pDAaUibYedl0f5Z-YV0oqYrb2lJhAr9fILKNq9J6LtUou8NRtxFndEz5c2p1bd8hYb4mlHIzcctcrqjb0uJaJgyToxCDu9Skq-ExWdKrrNFr-CgWxo6XzGRRubNA31SEomuckqqRo0I7FV_pDNEmXD06s20toaP2BodyCctRq489N8yROUJMSuBn7xYRXQdJPKrBjHkQiaxBZZ600QN-N_LfDEFJa8UNefhDSBUWj5FlkwVOIrrX_xYyezCDL5bFgBNKHFznA1cNkiPDYfr_ayDuzRj2TR7V3I6en5sYdnLAEMkZTnhirwYu_cYWJpEtiWDblPYR7LN_cqxYetS0oeJRzkA4Q2vvu6mlrF0ZqxW9AycC57zWeKpQ3r_nplbyaPQZFczF82RF36Obu1qgaAZKAttDA60lHrOdsWzjY3r_TDsz4_fve3ZCWS8k0IV-0woB44OYwB10IvlJfzL6-7a71lmNPhfG073IuzFn6latNVhqrBSnSNoP9b-IVhjb1azr1uxWJPawDDspUULOKSDM5KAF2MId92p307l90IdW3FcxkRS-VgRtQr9pWS6EN1jMYQTo0HY8CCHf9D5bIHSfF-Vw9Oz3x2yPMT96hBBrCVXhbUi7_LcA8cJpavi-yn6Or-nkVUBPxJ48JwFc1Rhx6hgVAnL0bX28BVp-G0T48Ym3JWF1hq8ZXZSvV969i78rMtw6l_5lkicjA94CXT8U_TI-tWXQdd0qEHxYD6PCXRHnPZ95kuOZqd8ZyOLNIipJ3yk5k3TMR_l2iIMirty1LOUTVG299jYpLG8vGxZAg3FSAyICGGCy31GorRumZVGOkBmxbKEuhriyWTcsCODfioCjyKp9qKb6gmnXQDdupklISskxy7SqyvHvPdr8wsOtq4rvSbvSlqaxaPeJvjg8cCYTT9gKXs8DmKtqfMTYWn-bFAIdWvqvg6ZIJM8qZsgeEjno0Jm_cc1KeK249SeWJFAD_B63-hIHOUFRNTfpkcdRomGPnXonqeU_mLeExJ8_G6YnLAGaivIb9AFxwO7KB1c4FFsTWHoskhxZmhNslrpEM_yuEoO7GQC77qn_lFev36AtKSWH-gdlDZLHqvh1AgTUFuW455wtVWUjy-p1bAYzSLNiGcTriUjrpy_2NEGov0Cr2GJ2pDg_Po4r0hZNTm5Pk-8ATqwEQR2AcG3g9G_tZvEzBr48I_1RmRSnxpZ6Qtw2-OGCbEj1gLxJxoxU2ShxwR_TJveZV_rfxGVqFKAARCgC8PR04646zy2xFWgdqUj4PPrOwjpJlYCusVCrjtdhZ7KRt2mjh0rmqcmqKWE-2pKbb4sC_S14orSccpTTqqGPEOe5-rPGDIRQDWEXKMqSwmKxnr79J2SgXMcbIfzYM3ECIhGqifh-DkL2fxp6RL7mYzAVZP-08ZVjlg3g7C5galROHfTIegEqq56XRg03adyur5grjuda796dbLGA6rdr0wCHt0Wi3yHHMON7xR6jhesALNOxlT8WcKLnZZW7VM2SI9PWOjuIziGTXcgeRvYF-dzfRCij99QMtO5Uc0eFf1YCPpxAlpTJ-muRGYa21Wk2yq5GA3Xw8jOaz944sE8Cf92SXwIi2FuwtgG9GDuPmc1ZE69imaI1h9kh32JuNZkc2TIFFetIIPQyPrlvrRVZM52gbKPF9XMM2jDxqlgS5dabLk6_FnC4Y39zOTwE0Ak5IaJ-8xeBKIzCW05Rq7IW6AY2ivmIIl3WkTZKWpXvvsA9gaiQkFdh9dUy87RfTzZVeipW8wy09VuOgZA0B97NJk&cid=CAQSTABygQiDYhIA03eebKkdMGU3dqqCma9yU9fBH6nFTAIDf9aByE5RS3BlcAmRqwhjyICMaqzDRHEo4cCqjkAmztvpi6Tp8wzLSHeIlDwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fnote1s.com%2F&ds=l&xdt=1&iif=1&cor=10696670262518458000&adk=2228999115&idt=308&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

3cbc669199e9c6f99959792cce15a854a5836c9ff6c755a90812453a82622a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35890
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2174 143 B
166 B 136ms
135ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 07:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2174
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

142ms
142ms

Document
text/html

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:08 GMT
expires: Tue, 23 May 2023 08:04:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 81E2 106 KB
37 KB 396ms
128ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
Origin: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 10:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame 81E2 11 KB
4 KB 128ms
127ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxEMDdj8KTqmLj8BkItLS2iPiboSNvWjd8AZ_8dSavvcNm67pWycEy4AhSTMGCJJ41O2D_GvmEaEBe6TP3bVFIuWWpsfie9o4FS-Uk8xKaaLgtRy4NECqlur9GbSetSgPZC70aNtH6H7zsIxU7JSDy5TpFOliYjgL9tr7LSx7WUbDOxzwfVc1dIjmiwx25UQB6hoeD&cry=1&dbm_d=AKAmf-BCqiyoOsPPw14YhAaN_mqJ_2PopE-sTvc3Cxa91OWcACogI7c2rehUAq3qgpBPRFMtyvBuMwqPsKGjDWiZYWflgtjcgAIzVslz9SjyvhhxXHq9Oz5AFCMhsrW4zQA-qSkuHYRXnqympugs0866Fzsb5pgPBzSbNX4d1gw4fFE8grECT8mcwuzq4bdyslhPOD2a7W2mDK96-uTlHNifn5MpsFcVdR6AlN5wELf2sPUi1mggv0XivfPWVrQgr33gyy5suEEusaC8WttFRsmqdh5-OK7WCudnqn3Cwt91zgkdOPKuoWfpSH4mfWZspXns3IoQrWiUKB0G70TU2sO9xii7jCmQRp-EU2xLNUNY5O1T3aFK3I-hl_34qdX5NmXYWUf90eEaWnm8HbehV_1JuHVEK5gjhxThY3old3Oa4Zub13nAR4nnhzkiHCEDyB4W-SOGVWrGUOPHU9Hf8b3OjggCiZouHExfMwjjJTBSqRcIVsJS78gHSbN2f9DUeyTkULeHm59ac6tCIqKZ4tzYLAbvI0nqSTHgU-_77JxLANJocC-7zM3YfkD0-4_R6xluvydVLMRxP-o2qlXVIwWaEdHmcC4mpiUlBWY1G68PXM4_RfaylFEJGns3PpOGcg5Dh5ntYgawNAuFa2Yst4rc4fW0yGlebQFSeCLPCvBt2SvPUVdvhO_slm8IbEgOhdyQO6r2tWHoYVa8Y4d4Jc1QJzgs3Sb_wI3jOfA-uoJXRcZD85elRfVvK4xi2JZucdr0RsjuMgpEG1v_VK2K9qkPfoy-AC-vw8Uy-T1kZwOzoAcK-QEFZ_WdTt8jm1NOLKkI-KlBdLTn0Q59AiZRJaDQtDWYuy-0QJs6ymQP2exlLOuB-lJRkyQau9o52gvoobcPr5WdNAwXF6yu1oT1UsNPQy5btkVDHCXXIVTBAqHNGI8xv_tPWCOM-k71Vrs9bTN5VT5XIj28MV9nVwxjXfEA1DegwvfT99irCsYbYl3sfrHjTnq03WTfjlySHPeUcAUfJZho1Z0YYK4Y4LKYQhiO-IjnRhSFMscbq1OUVsC_lMKpVugLXnX7jIh1XJnT5MHPxH5s8lZLuypJmFEsF207vAsM0bkfPaRpWi2dnkGokwHUgbN1W2-SpIGTpVAOMYO66faVscztmEETcf7OGJV_fUlZHoOvvlNzQw_HT0Tikv4DmzBLYgAm6KBlRZuwjrU68wsELHQj2tcpzuzhyvsAUJ-0-PPb6z_rwydDJNV4KjQEJuRySzCv7xFwYr4uNZZxGEUoskR1eUjKQFfG3w-Bh7kjIIKVUlx9SWhPo4LkajOk1YVQafCWkd-VR9ylA0wx4czcDxLdl4tIGPIbiSkKeTpXsUqkCYqr2TC3RxmqW8RN1HylJYEcMOBYwmIviYCqAZlkq28ZdRO2ZmXTEDxyIyOGPUEBo6sH7dF8n8HdU1DZ18jqa-n1s8o5zncoAbK7s1G8Q4Kw9tDpIOdeZo3LiDaY4jT8xeCnuuhaAsZiRI9yuZds85jaFUGxGYVnFSlM_qIDpQuDLwYd5yUlEzJOGbMQJA0G-M_mu-wROzvBxBDkia1RIYVxTO6vXbugr2hl7yBVALgVSc3SnRXDbQQilTU5U6mePTZHDm52tVp6HCVVxR397gy8sqBCNqPDhs8zx_iU6Fq_fDCZMrKNSppNNOw-QQzLAaf37Nyo29KqvubWAVarDEhwfrMbSO-tcCS6qLbN9EC0ev_rYV91TzZw5fwDV4h-pO-dGrusyINVTyjgrfNXn7d3s_yTT2uqBI-rG24FKDZmAZ3qZ2_A2uuKTZjlb_nv6H2nb_81ESsZr1PBtxNFPkpWU3kPfWAO2zXfr7lQm_2N1KB9chnRk3_CV8INnlQsZdsyqL98Y1A08pDAaUibYedl0f5Z-YV0oqYrb2lJhAr9fILKNq9J6LtUou8NRtxFndEz5c2p1bd8hYb4mlHIzcctcrqjb0uJaJgyToxCDu9Skq-ExWdKrrNFr-CgWxo6XzGRRubNA31SEomuckqqRo0I7FV_pDNEmXD06s20toaP2BodyCctRq489N8yROUJMSuBn7xYRXQdJPKrBjHkQiaxBZZ600QN-N_LfDEFJa8UNefhDSBUWj5FlkwVOIrrX_xYyezCDL5bFgBNKHFznA1cNkiPDYfr_ayDuzRj2TR7V3I6en5sYdnLAEMkZTnhirwYu_cYWJpEtiWDblPYR7LN_cqxYetS0oeJRzkA4Q2vvu6mlrF0ZqxW9AycC57zWeKpQ3r_nplbyaPQZFczF82RF36Obu1qgaAZKAttDA60lHrOdsWzjY3r_TDsz4_fve3ZCWS8k0IV-0woB44OYwB10IvlJfzL6-7a71lmNPhfG073IuzFn6latNVhqrBSnSNoP9b-IVhjb1azr1uxWJPawDDspUULOKSDM5KAF2MId92p307l90IdW3FcxkRS-VgRtQr9pWS6EN1jMYQTo0HY8CCHf9D5bIHSfF-Vw9Oz3x2yPMT96hBBrCVXhbUi7_LcA8cJpavi-yn6Or-nkVUBPxJ48JwFc1Rhx6hgVAnL0bX28BVp-G0T48Ym3JWF1hq8ZXZSvV969i78rMtw6l_5lkicjA94CXT8U_TI-tWXQdd0qEHxYD6PCXRHnPZ95kuOZqd8ZyOLNIipJ3yk5k3TMR_l2iIMirty1LOUTVG299jYpLG8vGxZAg3FSAyICGGCy31GorRumZVGOkBmxbKEuhriyWTcsCODfioCjyKp9qKb6gmnXQDdupklISskxy7SqyvHvPdr8wsOtq4rvSbvSlqaxaPeJvjg8cCYTT9gKXs8DmKtqfMTYWn-bFAIdWvqvg6ZIJM8qZsgeEjno0Jm_cc1KeK249SeWJFAD_B63-hIHOUFRNTfpkcdRomGPnXonqeU_mLeExJ8_G6YnLAGaivIb9AFxwO7KB1c4FFsTWHoskhxZmhNslrpEM_yuEoO7GQC77qn_lFev36AtKSWH-gdlDZLHqvh1AgTUFuW455wtVWUjy-p1bAYzSLNiGcTriUjrpy_2NEGov0Cr2GJ2pDg_Po4r0hZNTm5Pk-8ATqwEQR2AcG3g9G_tZvEzBr48I_1RmRSnxpZ6Qtw2-OGCbEj1gLxJxoxU2ShxwR_TJveZV_rfxGVqFKAARCgC8PR04646zy2xFWgdqUj4PPrOwjpJlYCusVCrjtdhZ7KRt2mjh0rmqcmqKWE-2pKbb4sC_S14orSccpTTqqGPEOe5-rPGDIRQDWEXKMqSwmKxnr79J2SgXMcbIfzYM3ECIhGqifh-DkL2fxp6RL7mYzAVZP-08ZVjlg3g7C5galROHfTIegEqq56XRg03adyur5grjuda796dbLGA6rdr0wCHt0Wi3yHHMON7xR6jhesALNOxlT8WcKLnZZW7VM2SI9PWOjuIziGTXcgeRvYF-dzfRCij99QMtO5Uc0eFf1YCPpxAlpTJ-muRGYa21Wk2yq5GA3Xw8jOaz944sE8Cf92SXwIi2FuwtgG9GDuPmc1ZE69imaI1h9kh32JuNZkc2TIFFetIIPQyPrlvrRVZM52gbKPF9XMM2jDxqlgS5dabLk6_FnC4Y39zOTwE0Ak5IaJ-8xeBKIzCW05Rq7IW6AY2ivmIIl3WkTZKWpXvvsA9gaiQkFdh9dUy87RfTzZVeipW8wy09VuOgZA0B97NJk&cid=CAQSTABygQiDYhIA03eebKkdMGU3dqqCma9yU9fBH6nFTAIDf9aByE5RS3BlcAmRqwhjyICMaqzDRHEo4cCqjkAmztvpi6Tp8wzLSHeIlDwYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fnote1s.com%2F&ds=l&xdt=1&iif=1&cor=10696670262518458000&adk=2228999115&idt=308&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:53:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 81E2 28 KB
11 KB 127ms
127ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11001
x-xss-protection: 0
server: cafe
etag: 16383942900985251592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:03:24 GMT

GET
H2 200 p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame 7EED 35 B
372 B 389ms
129ms Image
image/gif 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7EED
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8502093648898732359

43 B
106 B

146ms
140ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8502093648898732359
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8502093648898732359
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7EED
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1725630d-474d-47f2-8617-7228aec5d20e&ttd_puid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0&gdpr_consent=

43 B
62 B

136ms
136ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=1725630d-474d-47f2-8617-7228aec5d20e&ttd_puid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=1725630d-474d-47f2-8617-7228aec5d20e&ttd_puid=73a4dead-9e16-3859-41ec-634809776459&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 7EED 170 B
243 B 141ms
139ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWZjYjBkNjctNTc2MS02NmZkLTU0MGMtMzlmMWMzOTVhYTM5

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7EED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELDGC43CMbHdmZnEHsnl7tA&google_cver=1

43 B
180 B

142ms
141ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELDGC43CMbHdmZnEHsnl7tA&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELDGC43CMbHdmZnEHsnl7tA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 81E2 41 KB
15 KB 131ms
130ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 May 2023 19:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 May 2024 19:05:15 GMT

GET
DATA 200
OK truncated
/ Frame 81E2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02bfcf0e143cda6197150a8820c6b435b1899a771f79c30a44797cc9db8bbedc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 59E8 22 KB
8 KB 130ms
129ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 132760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 19:11:28 GMT
expires: Mon, 20 May 2024 19:11:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 59E8 37 KB
14 KB 129ms
128ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 07:51:24 GMT

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame DE23 37 KB
14 KB 128ms
128ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 07:51:24 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 968C 62 KB
23 KB 129ms
129ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

394684214f756ae9ed1c58c1c829b217440ec8ce39873a83d2b21e718928634c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2506
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23476
x-xss-protection: 0
server: cafe
etag: 8052424120171035517
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 08:22:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4320456394404654201/ Frame A7E4 70 KB
20 KB 390ms
130ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4320456394404654201/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

93e9e97f12d19062b6e74e333efc1b63ae51e3432bfd610e0db3eb22c4761b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 29493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19952
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 23:52:35 GMT
expires: Tue, 21 May 2024 23:52:35 GMT
last-modified: Mon, 08 May 2023 13:04:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81E2 0
0 450ms
173ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_qhKr-Au7lfr0XrOj8szSDvvymFHRWSkDvESLSMlGEVgyW__mo8Qjzinl4JyPJRk9UbUg4k-2wF9vVGdrBls-JvpWa-clR95vv8j5cmylQwDEMl0p8p3cRp4gK6w95gbbbJpYG7oEdV5P96uWXCCA2PLh44jQkvU8U9ffP-smyg7HlP5U14vixSF6KKuMzyShvFAji4b5He_VwgENZfp_pJSLLZJkEMJDez8GU1hOEbe_6wpy8x-XOznTB-TcEwy80kohJFEKnUKoDFJcgSDpR78a82SQzHNCQQPTavUjXPjDR99q38yJKHE5akAwCar6jgvKMl6WbCQZvewEyAI5ItKPeZVerYagsh3TiHcpg8ZNvby5UTbLU1w_IlKyaZgttJHgfXfjVJlt3Dsej3Uk61J1dwe3u12F4UDlQOU18_Z3FmW0Q0OCILSrZYVoxf3Un93OB4x1EyC9lKxv6zYv6u7_KWMiUSuNeMBySBR8cn8vLrIcCk_FxDHboxhHCjM9tFxPL2RiJDGEtiAIljUNy2GCmo1a-PtyFoxP9QF41aX_nPOHSC3vbBeD7li_I4dYRfwRc-2YcZfn7zvU21d7A-voXMvekDGFa5dwZ0DEFjc9SweygKZhdTlKOKbOyWMj1Vin4I-tZ5Ku1OpmcWc7gTznGUdTUMAvmZWVexcm9H6EhWef1dQe7g1KSmWv9q3q-VP-4huIwmE9O0LfZZt9OIXOJwk34-3sIRff5X7LR_fLhclytCDN_xJ2aUVuWusPIdFXqXlW-T_zoPPKMTyiC07RuzZNrGdNsEAn1y8-37FMJA7CJTlPl7g71jVxmumntfk5kBmEv0bkcyvZxUjGtG43VnFEyQYy-Nukq2MwvYGYFdKxzRQUjudAw-me8MwEngds0p3MyN5zlKVfC8pePOP5YDsHJgpJuUpI0ZlEvzZVG1KetO3OD1N_BWgA01Q0oph-vU_oLpIsrVs5NkFMOUoZmZlOBWCgxD66UOsEOxZjR-QESdKURHbgUYJrafawtX2iB-c8mCufV3pjRdNboJxavW2kMPgHUaRRU3iEeH7wStFciNMiqfpjNo5GVCvU_b_BqNCV8NV043AhjjKDGCLACrMqRBygAvUfO8VvnDeTHHWmKR_JFDj4lxsDmoZOSdjcY6eXpdmBhZvDCZqMER_97GKsI5RdLEgBZFc&sai=AMfl-YRXqsR4DyV44Df1iq0cFStU_76wrapqbKpR1iyyGMQ8tsnZRlmVMVpyyvUTG_FmYbvB3XcOnIPgH8nO4SSEdHqKNvUw9-6j4KzExk67jb2dkyYZqDJo2-nwcJGu39MJY8qgDQqL20usu0JFywfKClJez48rAP4MM9LneBRhSHgdcexIBkN9IuMkU0C7bV4ywkJScl1TSj8LfQlCMaCyWCEhU3G4GDi8fCFbNrhxCsupKG0SRlWBWiOut5lCVamYPbCSSvzUWz4PIw9vFROe8tAxw-6MalDdCLHc0sRAA8iW7U-wju4z6L61uCqSTxg&sig=Cg0ArKJSzDaSQISp23O0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=511&cbvp=1&cstd=507&cisv=r20230518.45335&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 08:04:08 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 23 May 2023 08:04:08 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 968C 0
20 B 162ms
161ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 968C 0
20 B 163ms
163ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 968C 0
234 B 825ms
285ms Ping
image/gif 172.217.0.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lhzzppx5&e=21068133&ctx=2&qqid=CN7fxqb9iv8CFYvVdwodPdUH6Q&met.4=fb.e~lb.6n~ol.qf~idt.aj~dt.-ss&met.3=492.m_1~733.bu~748.cg~742.bt_p~739.ck~555.dc~556.dc_2~738.qe~749.qe_1~113.up_6~113.uv_1~112.un_8&met.1=1.lhzzpp2i~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~1.lhzzpoxd~6.1~7.1~8.1~9.1~10.1~12.3~13.3n~14.4m~15.4q~16.c6~17.c6~18.c6~19.vj~20.vj~21.vk&met.7=CBIQBxgBIBAoEDCcATiMAWgRcJsBeLQJgAGIB4gB5USqARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIBYoFjCkATiOAWgXcKMBeI4IgAHiBYgBkQywAQG4AQM~CAkQChgBIBgoGDDdATjFAWgYcKQBePhGgAHMRIgBvq8BsAEBuAED~CB4QChgBIBgoGDDeATjGAWgZcN0BeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIBkoGTDrATjSAWgacN4BeL1AgAGRPogBtpcBsAEBuAED~CE0QChgBIBkoGTChAziIA2gacLQBeKKqA4AB9qcDiAHb1gqwAQG4AQM~CBsQChgBIBkoGTDeAzjFAw~CCgQBRgBIOMBKOMBMOwCOIoBaOUBcOwCeL0DgAGRAYgBjwGwAQG4AQM~CCgQChgBILgHKLgHMM0IOJUBaLkHcLoIeOC5AYABtLcBiAGt7wOwAQG4AQM~CBsQCBgBKAEwpgE48AhoA3CEAXiJF4AB3RSIAZIwoAHH_v________8BsAEBuAED~CBIQBxgBILgBKLgBMMwCOJMBaLsBcMoCeK8HgAGDBYgBvCOgAcf-_________wGqARUKE1JvYm90bzp3Z2h0QDQwMDs3MDCwAQG4AQM~CEsQChgBINYBKNYBMLQDON4BaNYBcKUDePtCgAHPQIgBy5wBoAHH_v________8BsAEBuAED~CBsQBhgBINgBKNgBMJcFOL8D~CBsQBhgBINgBKNgBMJgFOMAD
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.0.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nuq04s19-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59E8 0
20 B 166ms
165ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4Zgqd3NsZKP_HMKugAfJiJywCwAAAAA4AeAEAg&bg=!_f6l_qrNAAZ8_aWmXP07ADkAdvg8WlgoNUCCT_QqhsjWCRmKtyRSoDFS7Ks-es0317Q61S7daI0bAdwSH-RUDwVS3py4YZqcakgCAAAAUlIAAAADaAEHCgA4mkKf-4NuWu6pwqgbahLkPDLGbWVHunwulCqw9KwjgeX0HCPV6bMKHln7LqyZwSCCbUeykzxw-26ZAuQXRWxx5PrHZpWoBXfMuJ7dN6IQ-WkG8C4KXrPh2TNmeBLNfjo5nYF5l0sW47XmZx8a_TEnkpyebSI3LPYSFYUbTP7XmnB0JWsVziGljZUmwjAL8eQ-hI8pykb6CKPVexSSzxHZp1YPm8565nnxN3aH4j2L26lVP-WQkQpqTppSoTFwQtRv3A-KBb0EGj7u4hTwfuzQtUPSIWy9agqSw6S07Y1sc8APV2jsYE17-bYgjY57iD93YF4gtRZLYjVhkD1N2TAxt8Fkdp0i11YevLEF-zwaRQtBrufQWuu9f_7YSFd-n2hXIFPNGCK8V4U0jgJQVZwtQXnUlqHZVmLtq2uNk8qIuGmIMSY1BlTU69n9AEyXOrQkMbB8sZoQ570rJB3TIMHCvCzEDxWDtTIKCGXOlyLj270aUCi57LDbASyRnX9xFiQmaeyYYLy6t7EsdJzzJMh-bx8U7oXl8hkeDwtDcpui-DByrR1md2JYigZAdeP20nxQulhpvfsR1ReBKrdfMbef8eAioc_A3yE1lHEe3L507E9JM5YWpnyoNnAP2JhZbdp6juyuBLgoTkWRWwXbMvdyJJJGCsLQoTJUdZUusr6bkE__mlEYZ6KdrjaNHpe-60t7JTFWOe_3pf-I8vhn2UuJxmxP83IVUZoGs5A9__RmNPDttK5QcUZ1Syxy8dEMfvVzANKSWBDejdJwPSkDMEqkKJJFUZRbHiQBha7_mfy4GwGjJXd_2-S4ZDTeoSEfFqUz4G3Tc1e4M7uyLHYnNJH_WU0JkNZn12nmS0xAD12BYes9pW1qwbAWXpjuRJpPQ4Iw-He2gqtvDmgdn0c8xG8JDGbypIuerk90o-CQT3Pa7cv37U5mA025hpWaO5POwA4eezbH4Cb2rLKuROtLIa0_kCIwf8fJoacCaFh5ixS_KswS4wSR9m_9ROrNBSrAs6-oHpqXB3bPngjEz1ydDGTvj2S6ZFmXPOYjI25pToxWUg

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame A7E4 32 KB
11 KB 130ms
130ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4320456394404654201/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4320456394404654201/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 May 2023 07:59:02 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81E2 0
0 165ms
164ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_qhKr-Au7lfr0XrOj8szSDvvymFHRWSkDvESLSMlGEVgyW__mo8Qjzinl4JyPJRk9UbUg4k-2wF9vVGdrBls-JvpWa-clR95vv8j5cmylQwDEMl0p8p3cRp4gK6w95gbbbJpYG7oEdV5P96uWXCCA2PLh44jQkvU8U9ffP-smyg7HlP5U14vixSF6KKuMzyShvFAji4b5He_VwgENZfp_pJSLLZJkEMJDez8GU1hOEbe_6wpy8x-XOznTB-TcEwy80kohJFEKnUKoDFJcgSDpR78a82SQzHNCQQPTavUjXPjDR99q38yJKHE5akAwCar6jgvKMl6WbCQZvewEyAI5ItKPeZVerYagsh3TiHcpg8ZNvby5UTbLU1w_IlKyaZgttJHgfXfjVJlt3Dsej3Uk61J1dwe3u12F4UDlQOU18_Z3FmW0Q0OCILSrZYVoxf3Un93OB4x1EyC9lKxv6zYv6u7_KWMiUSuNeMBySBR8cn8vLrIcCk_FxDHboxhHCjM9tFxPL2RiJDGEtiAIljUNy2GCmo1a-PtyFoxP9QF41aX_nPOHSC3vbBeD7li_I4dYRfwRc-2YcZfn7zvU21d7A-voXMvekDGFa5dwZ0DEFjc9SweygKZhdTlKOKbOyWMj1Vin4I-tZ5Ku1OpmcWc7gTznGUdTUMAvmZWVexcm9H6EhWef1dQe7g1KSmWv9q3q-VP-4huIwmE9O0LfZZt9OIXOJwk34-3sIRff5X7LR_fLhclytCDN_xJ2aUVuWusPIdFXqXlW-T_zoPPKMTyiC07RuzZNrGdNsEAn1y8-37FMJA7CJTlPl7g71jVxmumntfk5kBmEv0bkcyvZxUjGtG43VnFEyQYy-Nukq2MwvYGYFdKxzRQUjudAw-me8MwEngds0p3MyN5zlKVfC8pePOP5YDsHJgpJuUpI0ZlEvzZVG1KetO3OD1N_BWgA01Q0oph-vU_oLpIsrVs5NkFMOUoZmZlOBWCgxD66UOsEOxZjR-QESdKURHbgUYJrafawtX2iB-c8mCufV3pjRdNboJxavW2kMPgHUaRRU3iEeH7wStFciNMiqfpjNo5GVCvU_b_BqNCV8NV043AhjjKDGCLACrMqRBygAvUfO8VvnDeTHHWmKR_JFDj4lxsDmoZOSdjcY6eXpdmBhZvDCZqMER_97GKsI5RdLEgBZFc&sai=AMfl-YRXqsR4DyV44Df1iq0cFStU_76wrapqbKpR1iyyGMQ8tsnZRlmVMVpyyvUTG_FmYbvB3XcOnIPgH8nO4SSEdHqKNvUw9-6j4KzExk67jb2dkyYZqDJo2-nwcJGu39MJY8qgDQqL20usu0JFywfKClJez48rAP4MM9LneBRhSHgdcexIBkN9IuMkU0C7bV4ywkJScl1TSj8LfQlCMaCyWCEhU3G4GDi8fCFbNrhxCsupKG0SRlWBWiOut5lCVamYPbCSSvzUWz4PIw9vFROe8tAxw-6MalDdCLHc0sRAA8iW7U-wju4z6L61uCqSTxg&sig=Cg0ArKJSzDaSQISp23O0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1106&vt=11&dtpt=595&dett=3&cstd=507&cisv=r20230518.45335&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 08:04:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 454ms
194ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305160101&st=env

Requested by

Host: note1s.com
URL: https://note1s.com/notes/4RPMBNO

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8dea632b5a76b1de70beaf14de6175e60d76635363261fcc58cba942da1bd853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11190
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 81E2 62 KB
23 KB 126ms
126ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
URL: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

394684214f756ae9ed1c58c1c829b217440ec8ce39873a83d2b21e718928634c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2506
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23476
x-xss-protection: 0
server: cafe
etag: 8052424120171035517
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 08:22:22 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E2 0
20 B 163ms
163ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 81E2 0
54 B 286ms
286ms Ping
image/gif 172.217.0.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lhzzpqeh&e=21068133&ctx=2&qqid=CN3fxqb9iv8CFYvVdwodPdUH6Q&met.4=fb.4f~lb.t2~ol.1js~idt.mm~dt.-gp&met.3=733.t5~748.tq~749.tr~742.t5_v~735.u4_2~740.u6_1~739.u7~374.xe~738.1jq_1~113.1o2_3~112.1o2_3&met.1=1.lhzzpoqf~6.3~7.3~8.3~9.3~10.3~12.d~13.40~14.42~15.44~16.u7~17.u7~18.u7~19.1jp~20.1jr~21.1js&met.7=CBsQCBgBKAMwkQE42A9oDXCPAXiJF4AB3RSIAZIwsAEBuAED~CCgQBRgBIKEBKKEBMLEDOJACaKUBcLEDeJYEgAHqAYgBhQWwAQG4AQM~CBwQChgBIKIBKKIBMNYDOLQCaKcBcL8DeLbdAYABitsBiAGp7gSwAQG4AQM~CBwQBhgBIKIBKKIBMNACOK4BaKcBcM8CeNYCgAEqiAEqsAEBuAED~CBwQBhgBIKMBKKMBMNECOK4BaKcBcM8CeKwCsAEBuAED~CB4QChgBIKMBKKMBMNQEOLEDaMUDcNMEeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIKMBKKMBMM8EOKwDQKcBSKgBUKgBWMQDYPABaMUDcMoEeL1AgAGRPogBtpcBsAEBuAED~CE0QChgBIKMBKKMBMLMDOJACaKgBcLYCeKKqA4AB9qcDiAHb1gqwAQG4AQM~CBwQARgBIOEDKOEDMIUFOKQBaOEDcIQFeKwCsAEBuAED~CBwQARgBIOUDKOUDMI4FOKkBaOgDcI4FeKwCsAEBuAED~CCgQChgBIPADKPADMNcGOOcCaPEDcKMFeN6aAoABspgCiAH5mgWwAQG4AQM~CCkQChgBIPsGKPsGMPAKOPUDQPsGSP8GUP8GWIcJYMAHaIcJcIcKeJyqAoAB8KcCiAGrzgawAQG4AQM~CBwQChgBIPwGKPwGMP0HOIEBaP0GcPwHeMYigAGaIIgBsFawAQG4AQM~CAkQChgBIIAHKIAHMI4IOI4BaIAHcP8HeKVYgAH5VYgB8-MBsAEBuAED~CCcQChgBIJQIKJQIMKcJOJMBaJYIcJgJeJN5gAHndogBisUCsAEBuAED~CCcQBRgBILAJKLAJMLwKOIwBaLEJcLMKePdDgAHLQYgB6rIBsAEBuAED~CB8QBRgBIPwKKPwKMLkOOL0DUP4KWIENYP4KaIINcIQOeJyeAYAB8JsBiAGBswSwAQG4AQM~CCIQBBgBIP4KKP4KMMEOOMMDQP4KSI0LUI0LWJMNYM0LaJMNcMAOeKwCsAEBuAED~CCgQChgBINwPKNwPMO8QOJQBaNwPcNoQeOC5AYABtLcBiAGt7wOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.0.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nuq04s19-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 145ms
140ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 08:04:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F7ED 13 KB
5 KB 129ms
127ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 07:50:20 GMT
expires: Wed, 22 May 2024 07:50:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0BB6 783 B
966 B 439ms
438ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

8f6c7682844645ddc913d414a34ae3f2ca1ce010066cfefea5e8c6fdfbb4b036

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0lEO1Hmvshoj78lIS-isRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-0lEO1Hmvshoj78lIS-isRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 08:04:09 GMT
expires: Tue, 23 May 2023 08:04:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame F7ED 37 KB
14 KB 128ms
127ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 07:51:24 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E2 0
20 B 163ms
162ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8703505526850&version=m202301230201&ct=119&x=1&cor=10696670262518458000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 08:04:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F7ED 0
10 B 127ms
127ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ETxXLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:04:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0BB6 0
0 161ms
160ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305160101&jk=3064980139131816&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 165ms
164ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305160101&jk=3064980139131816&bg=!xcalxpLNAAZ8_aWmXP07ADkAdvg8WsfCDwzDnLekftZ6FC53eU5jeIm8xGhTMjLuVqwP_zTjsFuI34Q0gOztc87jyQY0cKnWW3sCAAAAtFIAAAADaAEHCgAGKHaJHQIrmQKWaaOnk69U8-gX6xAz33VZrLHczIv_3SkwTL9ix-CuH7SsqS0pi_o-PHsHNT11CbUpZ8Sqw_2VSZPhY_cvi4Phz1pbgbCKAXMF7m2y1ewGx3J4KWxPa3Ghn7QwpkLnoUHKp0SmXrzbhRlukGXJGl47x-HoMjHaNCklftvGeyLah_UCZ_6NfInRproqGeWU7-OFfB6IHDgNt3oQoXpi_Q3BJgjcFBapq32afk0QC_cNMtZ0kzmBhuFe6DDXBUc8hFAkRrRcDU5QvxnD_CumGlxlYNAgPcnlsMeZGAM8zi2m6_jEDZ1TDEYvhG30NG6zc0v3xI3GjxCui-faZ90qRepOXNvCRKknQtvUj8Xg0b5LBs0l49JyWGRmfOdZ5ITSs7wfVqNhBwCbqKILluyDj-KTdGgs_VMvWppYVv0Ar7XCkAcj8Zk8WGX-bx-SOCfrT3r7i9eCI0VRbtf-oki4660Gxkg5c24vw0Cua73VoICuMJyxKMBi1lknTxnclhD22EaV3nJLSid0Y417wY_MsGaRSIHfXxkmmdia1-uM6Zaimf7wBWf6zYZff8vxbScYwIin2OzX1EdGuF2mx9ck273VWUpDrKefQu_lR6EZTOqr6746uKn1tG4cVLJXQB8fTf6HsY4_qLbAJkIPFZnB-rOaXXSiWHzIgt99C7dSk2dO4vZd7rCna9snhOZXNavjHhXWYhu_xV-mUTk5a4aN8013daMt-G0376VfaFzZAU9e_Q-djgUTuyePzsQMg4v4MPzAGR5bWPfxDSFw6YILIHfzl8sV47yLrbcA_DAK9zc8H9s9K3vyo7xHKWvMgceDtXZVORh7ZN0OWfmkB2mTMyW-E1qokKlxfLhYTzFOr1ffv5lGac56LrI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnote1s.com%2Fnotes%2F4RPMBNO&rid=esp

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
note1s.com/	1969-12-31 23:59:59	Name: SPSI Value: d0b82b486739f1de311f45890d31533a
note1s.com/	1969-12-31 23:59:59	Name: SPSE Value: pG1JSaBTMj5RTvAZED3mlXLm7wEhw7wdSFaZQdofg9+m+pG2lV1Lvc9oY7skyH2sESXWFMpKY4NDEMXgwFlwzQ==
note1s.com/	1970-01-20 12:00:36	Name: spcsrf Value: 3682def08087c99737a34892b090f3f3
note1s.com/	1970-01-20 12:00:36	Name: XSRF-TOKEN Value: eyJpdiI6IkJ2bkgxckpneGpCUHloVDlpRWRQdUE9PSIsInZhbHVlIjoiQzNhVTNRSG00dEIwR25JRDJpUmNIQ2YrZDhTOUlWZTBBbjVqd1c2dWFVTmVDMHVkdEVwTWROUE5hOGtEbHFnVkcxUEZKRzRxdGlHMVplc0JEUUpwakdLWFphKzVhSWQ1bDM2djJPdDlENmI1S0RBQU44clkwRWY4SlpBR3FyYmEiLCJtYWMiOiJmNTdjODNkZTQxYTAzZTVhOGVlZjk5ODE3N2FmNDJmMDhjOWNlNTAxMDg0MzI3ZDBiNjljOTRjZTRkYzJhMmQ1In0%3D
note1s.com/	1970-01-20 12:00:36	Name: online_notepad_take_notes_and_earn_money_at_note1scom_session Value: eyJpdiI6InNYQVdoZ3JOOG5pN3RNNUp6K2VRb0E9PSIsInZhbHVlIjoib0h5c0g1SjFDZnoxWUdrb21peGtEU1FvQm5XcTdKY0JCSDh5d1NGUkVjQ0F6VDJWcytwNGwvUDNPUGsxaExoQ3g0M1FHZHR2ZTI1aDNrYTRCc2VNRnFObmVYbkM0QXptZDRLTjJxUXZSRXp6NHdGWFJJcmFRZ2hURmR5bGo1TGEiLCJtYWMiOiI0YTg4ZWY3NzI0YjAzY2Y0MTJhZTg2MGViY2VhNGQxNWZhMWVmMmVlNzFlZjhkZjlmOWM4OGFmMjk2NDRhZDdlIn0%3D
note1s.com/	1970-01-20 12:00:29	Name: sp_lit Value: WuqWbx4eKxKUcxI9Jd78gA==
note1s.com/	1969-12-31 23:59:59	Name: PRLST Value: nJ
note1s.com/	1970-01-20 16:19:41	Name: UTGv2 Value: h49f82f4e264b04ca6fa536176055380ce53
note1s.com/	1969-12-31 23:59:59	Name: adOtr Value: 280bd8b6437
.note1s.com/	1970-01-20 21:36:29	Name: _ga Value: GA1.2.1720071096.1684829046
.note1s.com/	1970-01-20 12:01:55	Name: _gid Value: GA1.2.638555028.1684829046
.note1s.com/	1970-01-20 12:00:29	Name: _gat_gtag_UA_129758818_11 Value: 1
.note1s.com/	1970-01-20 21:22:05	Name: __gads Value: ID=c7b134c00869a7bf:T=1684829046:S=ALNI_MYrj_cTSAKADnYw1XWWufiVicl0aA
.note1s.com/	1970-01-20 21:22:05	Name: __gpi Value: UID=00000c1a1d9d5dd9:T=1684829046:RT=1684829046:S=ALNI_MYDn2TMooKS_X6BySB0ILSI3jM1WQ
.criteo.com/	1970-01-20 21:22:05	Name: uid Value: e65f5deb-7efc-4479-b63c-cb826abd637e
.crwdcntrl.net/	1970-01-20 18:29:16	Name: _cc_id Value: f0238e967783ffc3783113001807d115
.note1s.com/	1970-01-20 18:29:17	Name: _cc_id Value: f0238e967783ffc3783113001807d115
.note1s.com/	1970-01-20 12:01:55	Name: panoramaId_expiry Value: 1684915447153
.doubleclick.net/	1970-01-20 21:36:29	Name: IDE Value: AHWqTUktgXBUTRVj0QLDe2tu9yn7egL13d1LwkAK_jeT995APFsVieHubEldRGgm
.note1s.com/	1970-01-20 21:22:05	Name: cto_bundle Value: s1JvxV9rWmhGQW8xZHYlMkZIYXU0dFNYZ05pQjhzb05lUjJFRG5USXljeDJWcjBmRDN0YnhmaXVjRmQxeDRER3RVYVJPUzg1V0ZuVXpuQWwlMkJyVlpLTVdjd2VMWWFQYUZLaW5iTmkyNWVUN0pwTzJPUFZ3c051N2kyc2pXUGFlVTlxd0ZyOUVteEY1NGt1SXRiT1c4dHBKeDNzNENBJTNEJTNE
.openx.net/	1970-01-20 20:46:05	Name: i Value: a008e1f4-3791-07ae-1b3a-aba06d5057a4\|1684829047
.casalemedia.com/	1970-01-20 20:46:05	Name: CMID Value: ZGxzd-EMtSqei-hh2Jg7nAAA
.casalemedia.com/	1970-01-20 14:10:05	Name: CMPS Value: 3184
.casalemedia.com/	1970-01-20 14:10:05	Name: CMPRO Value: 3184
.adnxs.com/	1970-01-20 14:10:05	Name: uuid2 Value: 1802214238594672947
.openx.net/	1970-01-20 12:22:05	Name: pd Value: v2\|1684829047\|gen0vNiygu
.adnxs.com/	1970-01-20 14:10:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In@r/QW@!]tbPl1M>e)ZlrFUfJ+tGXxpGGYt#KT!Q_MD=DQPG16E]Ox1GUYvqd?+b/mT3If)y3KL9D3I?--tKCIh
.quantserve.com/	1970-01-20 21:30:43	Name: mc Value: 646c7378-20c4f-afa97-05026
.adform.net/	1970-01-20 12:45:07	Name: C Value: 1
.doubleclick.net/	1970-01-20 12:00:32	Name: DSID Value: NO_DATA
.adsrvr.org/	1970-01-20 20:47:31	Name: TDID Value: 1725630d-474d-47f2-8617-7228aec5d20e
.adform.net/	1970-01-20 13:26:53	Name: uid Value: 8502093648898732359
.adsrvr.org/	1970-01-20 20:47:31	Name: TDCPM Value: CAEYBSABKAIyCwiQx-jA4NvtOxAFOAE.
.openx.net/	1970-01-20 12:22:05	Name: univ_id Value: 537072971\|1725630d-474d-47f2-8617-7228aec5d20e\|1684829048666843

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://note1s.com/notes/4RPMBNO Message: Mixed Content: The page at 'https://note1s.com/notes/4RPMBNO' was loaded over HTTPS, but requested an insecure element 'http://www.davidmcelroy.org/wp-content/uploads/2012/01/Tinfoil-hat.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://note1s.com/notes/4RPMBNO(Line 209) Message: Mixed Content: The page at 'https://note1s.com/notes/4RPMBNO' was loaded over HTTPS, but requested an insecure element 'http://www.davidmcelroy.org/wp-content/uploads/2012/01/Tinfoil-hat.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://note1s.com/notes/4RPMBNO Message: Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Fnote1s.com%2Fnotes%2F4RPMBNO&rid=esp' from origin 'https://note1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnote1s.com%2Fnotes%2F4RPMBNO&rid=esp Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

432933d36f8bfe0508263c2d6765cb88.safeframe.googlesyndication.com
activerain-store.s3.amazonaws.com
activerain.com
adservice.google.com
ajax.googleapis.com
bcp.crwdcntrl.net
c1.adform.net
cdn.exmarketplace.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
note1s.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
traffic1s.com
us-u.openx.net
www.davidmcelroy.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
oajs.openx.net
104.17.25.14
104.22.53.86
142.250.181.228
142.250.184.226
142.250.184.227
142.250.185.129
142.250.185.198
142.250.186.104
142.250.186.130
142.250.186.163
142.250.186.74
142.250.74.194
151.101.193.229
151.139.128.10
162.19.138.118
172.217.0.67
172.217.16.194
172.217.16.206
172.217.18.1
178.250.1.11
178.250.1.3
18.66.190.226
18.66.192.12
18.66.192.30
18.66.192.91
185.80.39.216
185.89.210.141
216.58.212.138
34.102.146.192
34.96.70.87
35.190.39.111
35.244.159.8
37.157.6.233
52.223.40.198
52.92.177.161
54.154.153.235
54.69.228.114
70.32.23.110
91.228.74.208
95.110.204.9
02bfcf0e143cda6197150a8820c6b435b1899a771f79c30a44797cc9db8bbedc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1188b9bcae8633f6136b749482f5abd5532a07f14b6f761e9beb93e11c42ace0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
24ecd6070d1cc9f36f635b33bb346a5dfd2813390a4295383b2351bea0d38bb6
271f3b24a9e7bfe207729f336ba2b31de3863ca7bd35ec9de2916478eed8771d
2c8fe5bc6a32607070351c84541e64d2e4178357e6f80e0e02c3d135c3f9752c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
32a7b9d9bf98f3969f628f02f2f0a72b1123e80c28f4683f1b0c787ca2220ad2
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
394684214f756ae9ed1c58c1c829b217440ec8ce39873a83d2b21e718928634c
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3cbc669199e9c6f99959792cce15a854a5836c9ff6c755a90812453a82622a1a
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b13e5520749c82f2ca91fc49455b44aba44f668074dc5c3a0be8c139bce9f9c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b96a873c471652f2497fb867d90e2cd0c457d1f5e3ae2304f253711dfe2ae44
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
7174a8bff46f7c25aa0167fbf071096b488058459bf9d555ddd592ceea171804
72855a9842199d9f3f5c25040d437234a5fdbc7e68bf2e54ba82a1b5adbdfe5c
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
7be94252e155b8be9993b666eec4d0e53ea2da388b213d6fdd9ec27093884939
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
8029665c0154234ddf67e798de4c9a5cad358071f988aa1c1f84bbae930ed8cb
80ae08a21538f93c7accfb13a73a56ef098295b2a0b18e54badc3bc6bbe52760
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
8dea632b5a76b1de70beaf14de6175e60d76635363261fcc58cba942da1bd853
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8f6c7682844645ddc913d414a34ae3f2ca1ce010066cfefea5e8c6fdfbb4b036
9084081dd3b388cf26885b6c47441f62400c28582a1e19e80628e0037e986f92
93e9e97f12d19062b6e74e333efc1b63ae51e3432bfd610e0db3eb22c4761b0c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
996c93b54c7ec6736fb3b689d8cabdbb72f1b9b0cf2c76a4044f11e5129f09d7
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ef847ce9c6963e18c0aafa4b63cfaaf5eb54ed7c3e1e3fdf977d9594498d96
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d7664a9bc1602bae1581a2bb4181109516fb2ae83e439e272954399a8adb12
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
c75d7ae9e1e3e2237f11239ea4b9821504e59b57d49dd06a45c9e9995712d28b
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c8009b78a37edd82e2291b29e8e0872bef9b0684b31f97f4f2596d1f7ee6c96f
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
cddba030c45b4ea556c7ee07bb723bbffa04f0698d402b6a3274b0fde7e685e5
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f245830476ff9812bbf15171fdfbb751b6280bdb3cf30067418bc50b6895ddc4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
faedfeefc726ed56cbd58f17290f2ea5833f455f12098ebb287fca796a21eac2
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fff4c136e7279ccc0b65eb8a46058367ebe49fccaf951961ae7cd76a13ca7c50

note1s.com Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

92 %HTTPS

0 %IPv6

32 Domains

47 Subdomains

38 IPs

9 Countries

1848 kBTransfer

4607 kBSize

34 Cookies

6 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

note1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

92 %
HTTPS

0 %
IPv6

32
Domains

47
Subdomains

38
IPs

9
Countries

1848 kB
Transfer

4607 kB
Size

34
Cookies

114 HTTP transactions
1 data transactions