URL: https://anotepad.com/note/read/5irg33y
Submission: On November 12 via manual from IN

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 27 HTTP transactions. The main IP is 207.244.104.157, located in Washington, United States and belongs to LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US. The main domain is anotepad.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 24th 2018. Valid for: 2 years.
This is the only time anotepad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 207.244.104.157 30633 (LEASEWEB-...)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 143.204.101.124 16509 (AMAZON-02)
3 188.72.202.173 35415 (WEBZILLA)
6 188.72.202.2 35415 (WEBZILLA)
2 2a00:1450:400... 15169 (GOOGLE)
4 23.210.248.44 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 11
Domain Requested by
6 nativepu.sh anotepad.com
nativepu.sh
3 tharbadir.com anotepad.com
tharbadir.com
3 cdn.anotepad.com anotepad.com
3 maxcdn.bootstrapcdn.com anotepad.com
3 anotepad.com ajax.googleapis.com
anotepad.com
2 www.google-analytics.com 1 redirects anotepad.com
2 s7.addthis.com anotepad.com
s7.addthis.com
2 ajax.googleapis.com anotepad.com
1 api-public.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 www.google.de anotepad.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 z.moatads.com s7.addthis.com
27 14

This site contains links to these domains.

Domain
www.onlinechat.support

Subject | Issuer | Validity | Valid for
anotepad.com | COMODO RSA Domain Validation Secure Server CA | 2018-12-24 - 2021-01-17 | 2 years
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
*.anotepad.com | Amazon | 2019-03-31 - 2020-04-30 | a year
tharbadir.com | Let's Encrypt Authority X3 | 2019-09-11 - 2019-12-10 | 3 months
*.nativepu.sh | Let's Encrypt Authority X3 | 2019-10-13 - 2020-01-11 | 3 months
*.googleapis.com | GTS CA 1O1 | 2019-10-16 - 2020-01-08 | 3 months
odc-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2019-10-10 - 2020-09-04 | a year
*.google-analytics.com | GTS CA 1O1 | 2019-10-16 - 2020-01-08 | 3 months
moatads.com | DigiCert ECC Secure Server CA | 2018-11-10 - 2020-02-09 | a year
www.google.de | GTS CA 1O1 | 2019-10-16 - 2020-01-08 | 3 months

This page contains 1 frames:

Primary Page: https://anotepad.com/note/read/5irg33y
Frame ID: B67C0C8C073238BDE3CA923FF9B41DB2
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

11
IPs

5
Countries

430 kB
Transfer

1370 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=81185636&t=pageview&_s=1&dl=https%3A%2F%2Fanotepad.com%2Fnote%2Fread%2F5irg33y&ul=en-us&de=UTF-8&dt=Online%20Notepad%20-%20Sage%20Peachtree%20Accounting&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1584597095&gjid=658234619&cid=1373786618.1573534461&tid=UA-8870545-1&_gid=1730825652.1573534461&_r=1&z=866402317 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_gid=1730825652.1573534461&gjid=658234619&_v=j79&z=866402317 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_v=j79&z=866402317 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_v=j79&z=866402317&slf_rd=1&random=1137554129

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 5irg33y
anotepad.com/note/read/
9 KB
4 KB
Document
General
Full URL
https://anotepad.com/note/read/5irg33y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
207.244.104.157 Washington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
anotepad.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ca09207a8c71152466068e0b42a37556b8cc2a667e956685aafda751a937d1c3

Request headers

Host
anotepad.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 12 Nov 2019 04:54:20 GMT
Content-Length
3680
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
Origin
https://anotepad.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 04:54:20 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
Origin
https://anotepad.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 04:54:20 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
2776
site-css
cdn.anotepad.com/bundles/
10 KB
3 KB
Stylesheet
General
Full URL
https://cdn.anotepad.com/bundles/site-css?v=AIVj9wmKxIywoY-neyK9aJb6ZmrzAV-16QI7OM6zx-s1
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.124 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-124.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
441dfbf2d6e7e8ce0dd1fc034012a2da2a814b9d1423382de5a2c703afe66ebd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 00:35:29 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
5545130
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
status
200
last-modified
Mon, 09 Sep 2019 00:35:30 GMT
server
Microsoft-IIS/8.5
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wRzkeFumMWRCUiZlqTNFbpoiYJeif7e_Y5w_lcn6NS9pKDwH_Hs1Ng==
expires
Tue, 08 Sep 2020 00:35:30 GMT
2
tharbadir.com/
10 KB
5 KB
Script
General
Full URL
https://tharbadir.com/2?z=2314470
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.173 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
18f26c6d9205445478366296bd9ebdef5d3eeff449ade7834a43ba91e2323b0b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 04:54:20 GMT
Content-Encoding
gzip
X-Sc
kMziy1r7ubj8m0nIx_YVamyhx0TTDRk6kBP8XO6iagEuYSArKs8Xr7eqk5MOk5bgJen1NE9CAjRFGm4ukTBAQHydPO4=
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ntfc.php
nativepu.sh/
9 KB
4 KB
Script
General
Full URL
https://nativepu.sh/ntfc.php?p=2321914
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
c727e3ded7f2833de2e1dc20e266ed56c0664cda2b7bf3ecdf400cf5b9e88f8f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 04:54:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Nov 2019 18:17:36 GMT
Server
nginx
ETag
W/"5dc1bcc0-220b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 18:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
988863
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Oct 2020 18:13:17 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/
235 KB
63 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 02:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
957775
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
64481
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Oct 2020 02:51:25 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
Origin
https://anotepad.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 04:54:20 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
site-js
cdn.anotepad.com/bundles/
10 KB
3 KB
Script
General
Full URL
https://cdn.anotepad.com/bundles/site-js?v=TFamgpKrDWX3ItkYJ9CufOczqxq-sh9yvf8D6PUiVsM1
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.124 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-124.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ed5e0b418228eba3d85fceabde461c8435ed420eb277061e3dd242bd13828609

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 13:13:24 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
5845255
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
status
200
last-modified
Thu, 05 Sep 2019 13:13:25 GMT
server
Microsoft-IIS/8.5
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9fTbd_tJISJLzEchFz3pVyFaRmD4yjR1XJhxavFyMAydVW3AyeGRLg==
expires
Fri, 04 Sep 2020 13:13:25 GMT
addthis_widget.js
s7.addthis.com/js/300/
349 KB
113 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 19:35:04 GMT
server
nginx/1.15.8
etag
W/"5db9e5e8-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
date
Tue, 12 Nov 2019 04:54:20 GMT
x-host
s7.addthis.com
content-length
114924
anotepad.png
cdn.anotepad.com/images/
3 KB
3 KB
Image
General
Full URL
https://cdn.anotepad.com/images/anotepad.png
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.124 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-124.fra50.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
320234eed5074007e104cd07605ae4407f3397a2a2377aa02123612e2e72fd4e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cdn.anotepad.com/bundles/site-css?v=AIVj9wmKxIywoY-neyK9aJb6ZmrzAV-16QI7OM6zx-s1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 Nov 2019 00:57:48 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Tue, 22 Dec 2015 23:59:09 GMT
server
Microsoft-IIS/8.5
age
100592
x-powered-by
ASP.NET
etag
"fd686fbf143dd11:0"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2653
x-amz-cf-id
i0oXGKgHws4DUCV0Fu7oeGjzu-25dtKPqPU_U6OI6vsJ_3U2u3T0vA==
b3ed0eae3597de30faf078fd308ec018
tharbadir.com/27/
270 KB
97 KB
Script
General
Full URL
https://tharbadir.com/27/b3ed0eae3597de30faf078fd308ec018
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/2?z=2314470
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.173 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
d8b6a91d5e407a4763ea757911a6efe4223f24042a95cfdddd2b953f2b8ae812
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 04:54:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 08 Nov 2019 07:29:57 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
max-age:290304000, public
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Fri, 08 Dec 2079 07:29:57 GMT
zone
nativepu.sh/
672 B
1 KB
Fetch
General
Full URL
https://nativepu.sh/zone?pub=0&zone_id=2321914&is_mobile=false&domain=anotepad.com&var=&ymid=
Requested by
Host: nativepu.sh
URL: https://nativepu.sh/ntfc.php?p=2321914
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a4f6f8c636723524068b10bb6a5c2c5bfec92f70f2f922705b63e81dd5129d2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id
2a5d7c2c72bea9d2a372568615c41bf1
Date
Tue, 12 Nov 2019 04:54:20 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
672
universal.min.js
nativepu.sh/pfe/current/
119 KB
37 KB
Fetch
General
Full URL
https://nativepu.sh/pfe/current/universal.min.js?v=3.1.138
Requested by
Host: nativepu.sh
URL: https://nativepu.sh/ntfc.php?p=2321914
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
0ba4c64d786cf091aaba3677f98931806d85460f1dff504cadb5157944227f4e

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 04:54:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Nov 2019 18:17:36 GMT
Server
nginx
ETag
W/"5dc1bcc0-1dad8"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://anotepad.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1244
date
Tue, 12 Nov 2019 04:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 12 Nov 2019 06:33:37 GMT
loadcomment
anotepad.com/note/
523 B
653 B
XHR
General
Full URL
https://anotepad.com/note/loadcomment
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
207.244.104.157 Washington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
anotepad.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c4cbcc68d7a949e09034b1bdf19f4da6d9727b7f0d91bfaa146579d84d027f25

Request headers

Accept
*/*
Referer
https://anotepad.com/note/read/5irg33y
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 12 Nov 2019 04:54:20 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
360
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 04:54:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:13:52 GMT
Server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
ETag
"f14b4e1f799b14f798a195f43cf58376"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7556
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=81185636&t=pageview&_s=1&dl=https%3A%2F%2Fanotepad.com%2Fnote%2Fread%2F5irg33y&ul=en-us&de=UTF-8&dt=Online%20Notepad%20-%20Sage%20Peachtree%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_gid=1730825652.1573534461&gjid=658234619&_v=j79&z=866402317
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_v=j79&z=866402317
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_v=j79&z=866402317&slf_rd=1&random=1137554129
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_v=j79&z=866402317&slf_rd=1&random=1137554129
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Nov 2019 04:54:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Nov 2019 04:54:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8870545-1&cid=1373786618.1573534461&jid=1584597095&_v=j79&z=866402317&slf_rd=1&random=1137554129
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9
tharbadir.com/
0
723 B
XHR
General
Full URL
https://tharbadir.com/9?z=2890895&eid=&rb=ATY2jdS3uR53eB4NZ_5HNjsvSdJxDWdXSmZgbClv2y7cQDWd1ovnC_21h9DU7Qr3IDmyuRnoKskFr3SKr7LFe0EX439unbV6QdLP1nBcpqk5eTFubEc88LwdqdzqLQuZNACVhmsSBPk8VSQkFB75F-d_-hG_IPMnTJGXRZK0HanRfJoypuXRstJaNL_cm3jOdpn_-R06dl65B4Ej-W5wpNIfbEJwfM0nyNPP0MqntZTUGbPD40zym9Px4SY=&ir=3x2&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fanotepad.com%2Fnote%2Fread%2F5irg33y&wy=0&wx=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/27/b3ed0eae3597de30faf078fd308ec018
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.173 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 04:54:21 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
custom
nativepu.sh/
39 B
487 B
Fetch
General
Full URL
https://nativepu.sh/custom
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
865242a2a6a5603d2633504f67384e2f
Date
Tue, 12 Nov 2019 04:54:21 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sw.js
anotepad.com/
5 KB
2 KB
Fetch
General
Full URL
https://anotepad.com/sw.js
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
207.244.104.157 Washington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
anotepad.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2cb970011adde0b671d8f65036eed91e5e1655da21fbb93b1de313a3df636538

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 04:54:20 GMT
Content-Encoding
gzip
Last-Modified
Sun, 20 Jan 2019 00:41:25 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"806844df58b0d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2148
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-56846750fb16a611/
166 B
387 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-56846750fb16a611/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 04:54:21 GMT
surrogate-key
ra-56846750fb16a611
server
Jetty(9.4.8.v20180619)
etag
659743217
cache-tag
ra-56846750fb16a611
status
200
cache-control
public, max-age=21, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
166
custom
nativepu.sh/
39 B
487 B
Fetch
General
Full URL
https://nativepu.sh/custom
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
38e6750a9f1da7854a9b195e8793a927
Date
Tue, 12 Nov 2019 04:54:21 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
nativepu.sh/
39 B
487 B
Fetch
General
Full URL
https://nativepu.sh/custom
Requested by
Host: anotepad.com
URL: https://anotepad.com/note/read/5irg33y
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
1143555df6c00c4966346458511b959c
Date
Tue, 12 Nov 2019 04:54:21 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://anotepad.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
counter.1e8689847c822d3197cd.js
s7.addthis.com/static/
24 KB
8 KB
Script
General
Full URL
https://s7.addthis.com/static/counter.1e8689847c822d3197cd.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
d987acf66cc16c2c708728aa4de214c7e3eedaef30fedacbaa8552eb757b0924
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-5e7c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Tue, 12 Nov 2019 04:54:21 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
8119
shares.json
api-public.addthis.com/url/
59 B
297 B
Script
General
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fanotepad.com%2Fnote%2Fread%2F5irg33y&callback=_ate.cbs.sc_httpsanotepadcomnoteread5irg33y0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
710cca8f2c9700b0ad0488c3b51f5ffd4d0333c88a2adbd104c6661d33b90442

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://anotepad.com/note/read/5irg33y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 04:54:21 GMT
content-encoding
gzip
surrogate-key
anotepad.com/note/read/5irg33y
last-modified
Tue, 12 Nov 2019 04:54:21 GMT
vary
Accept-Encoding
x-varnish
2479516060
status
200
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges
bytes
content-type
application/json
content-length
76
truncated
/
171 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d2fd5a42a1849ad0d820611e243fd81fe81ee767716b639ff7e88c1e9f78bb6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
937 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c69e528427c8218cb4bc5fe647db3366146403d53593a3f96482479a14eca234

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Notepad function| $ function| jQuery object| zfgformats boolean| zfgloadednative boolean| _retranberw object| jQuery111307094050190913217 function| fnEmailNote function| fnMobileMenu function| fnEnableRichTextEditor function| fnDisableRichTextEditor function| fnSortByTitle function| fnSortByUpdated function| fnManageFolders function| fnLoadManageFolderContent function| fnCreateFolder function| fnDeleteFolder function| fnRenameFolder function| fnRenameFolderSave function| fnRenameFolderCancel function| fnOpenFolder function| fnLoadFolderList function| fnMoveNoteToFolder function| fnEnableNoteDragDrop function| fnSaveNote function| fnSaveNoteNew function| fnSaveNoteEdit function| fnSaveNoteQuickEdit function| fnAutoSaveInit function| fnAutoSaveNote function| fnAutoSaveNoteNew function| fnAutoSaveNoteEdit function| fnAutoSaveNoteQuickEdit function| fnManageNoteAccess function| fnUpdateNoteAccessText function| fnCommentLoad function| fnCommentAdd function| fnCommentDelete function| fnCommentReply function| fnShowAlert object| addthis_config string| GoogleAnalyticsObject function| ga function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime object| __core-js_shared__ object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill function| _retranber object| _nps boolean| __@@##MUH object| _0x550c function| _0x56ae object| sdk boolean| installOnFly object| addthis_share object| oattr

5 Cookies

Domain/Path Name / Value
anotepad.com/ Name: __atuvs Value: 5dca3afd7d97140c000
.anotepad.com/ Name: _gat Value: 1
.anotepad.com/ Name: _gid Value: GA1.2.1730825652.1573534461
anotepad.com/ Name: __atuvc Value: 1%7C46
.anotepad.com/ Name: _ga Value: GA1.2.1373786618.1573534461

2 Console Messages

Source Level URL Text
console-api warning (Line 1) Message: undefined
console-api log (Line 1) Message: service worker path (u): /sw.js event domain: https://nativepu.sh

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
