note1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://note1s.com/notes/R37A2K
Submission: On May 20 via manual (May 20th 2023, 3:23:11 pm UTC) from US — Scanned from GE

Summary HTTP 66 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 28 domains to perform 66 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is note1s.com. The Cisco Umbrella rank of the primary domain is 665163.
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.

This is the only time note1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	95.110.206.108 95.110.206.108	31034 (ARUBA-ASN) (ARUBA-ASN)
1	3.122.152.250 3.122.152.250	16509 (AMAZON-02) (AMAZON-02)
1	192.0.72.26 192.0.72.26	2635 (AUTOMATTIC) (AUTOMATTIC)
3	13.227.219.52 13.227.219.52	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
1	18.66.15.11 18.66.15.11	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.27 108.138.36.27	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	18.66.123.194 18.66.123.194	16509 (AMAZON-02) (AMAZON-02)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	99.80.210.150 99.80.210.150	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	216.58.212.129 216.58.212.129	15169 (GOOGLE) (GOOGLE)
1	142.250.186.68 142.250.186.68	() ()
1 2	34.98.64.218 34.98.64.218	() ()
66	32

9 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

note1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
traffic1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.110.206.108 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host108-206-110-95.serverdedicati.aruba.it

cdn.exmarketplace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.152.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-152-250.eu-central-1.compute.amazonaws.com

themindunleashed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

crberryauthor.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.219.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-52.ams54.r.cloudfront.net

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-11.vie50.r.cloudfront.net

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-27.muc50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.123.194 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-194.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

0f5597e589f10cf53d17c6df0c05ac5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.210.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-210-150.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.129 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f129.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (None, ) 1 redirects

ASN- ()

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 0f5597e589f10cf53d17c6df0c05ac5e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	87 KB
8	note1s.com note1s.com — Cisco Umbrella Rank: 665163	169 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net Failed	170 KB
4	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 3592 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 22909	162 KB
3	gstatic.com fonts.gstatic.com	31 KB
2	openx.net oajs.openx.net Failed google-bidout-d.openx.net	970 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 413	7 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3109	315 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 862 id5-sync.com — Cisco Umbrella Rank: 421	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1025 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	exmarketplace.com cdn.exmarketplace.com — Cisco Umbrella Rank: 76597	21 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	88 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 320	32 KB
1	google.ge adservice.google.ge — Cisco Umbrella Rank: 73522	531 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2334	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758	2 KB
1	traffic1s.com traffic1s.com — Cisco Umbrella Rank: 523063	6 KB
1	wordpress.com crberryauthor.files.wordpress.com	82 KB
1	themindunleashed.com themindunleashed.com	62 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	46 KB
0	adsrvr.org Failed match.adsrvr.org Failed
0	adform.net Failed c1.adform.net Failed
0	quantserve.com Failed cms.quantserve.com Failed
66	28

	Domain	Requested by
8	note1s.com	note1s.com
6	securepubads.g.doubleclick.net	note1s.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	note1s.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	quantcast.mgr.consensu.org	note1s.com
2	google-bidout-d.openx.net	1 redirects oa.openxcdn.net
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	esp.rtbhouse.com	note1s.com
2	www.google-analytics.com	www.googletagmanager.com note1s.com
2	cdn.exmarketplace.com	note1s.com cdn.exmarketplace.com
2	cdnjs.cloudflare.com	note1s.com cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	id5-sync.com	note1s.com
1	bcp.crwdcntrl.net	note1s.com
1	0f5597e589f10cf53d17c6df0c05ac5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ge	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	test.quantcast.mgr.consensu.org	note1s.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ajax.googleapis.com	traffic1s.com
1	traffic1s.com	note1s.com
1	crberryauthor.files.wordpress.com	note1s.com
1	themindunleashed.com	note1s.com
1	www.googletagmanager.com	note1s.com
1	fonts.googleapis.com	note1s.com
0	cm.g.doubleclick.net Failed	google-bidout-d.openx.net
0	match.adsrvr.org Failed	google-bidout-d.openx.net
0	c1.adform.net Failed	google-bidout-d.openx.net
0	cms.quantserve.com Failed	google-bidout-d.openx.net
0	oajs.openx.net Failed	note1s.com
66	38

This site contains links to these domains. Also see Links.

Domain
anotepad.com
writeablog.net
www.openlearning.com
www.pearltrees.com
link1s.com
1shorten.com
kiemlua.com

Subject Issuer	Validity	Valid
note1s.com R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.exmarketplace.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-20` - `2024-05-05`	a year	crt.sh
themindunleashed.com R3	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
traffic1s.com R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh
cmp.quantcast.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://note1s.com/notes/R37A2K
Frame ID: 74EB5EC43ABB5937D815E8476C59DD0D
Requests: 47 HTTP requests in this frame

Frame: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=uL
Frame ID: FF408E7779C77434073F3EB84CC96165
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: D2E2D375B018C6EE2ADDCE3344C69384
Requests: 1 HTTP requests in this frame

Frame: https://0f5597e589f10cf53d17c6df0c05ac5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5672FDCA43216D69558CF7A01D1F3EC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=
Frame ID: 208F2822313F6AC1C4071F65EE0F4346
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 68A04D837B6CDA87451310A8362284D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF3CA630F876546D44E7DB846E8A6199
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: 38B320C5FB2F295DA5C3E018145FBE5A
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Note: What is the explanation behind individuals wearing tin foil hats

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

66
Requests

89 %
HTTPS

0 %
IPv6

28
Domains

38
Subdomains

32
IPs

6
Countries

1044 kB
Transfer

2917 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://anotepad.com/notes/e78gx3c6
Title: tinfoil hat origin

Search URL Search Domain Scan URL

URL: https://writeablog.net/yogurtbrand2/what-is-the-rationale-behind-individuals-wearing-tin-foil-hats-km5m
Title: https://writeablog.net/yogurtbrand2/what-is-the-rationale-behind-individuals-wearing-tin-foil-hats-km5m

Search URL Search Domain Scan URL

URL: https://www.openlearning.com/u/vincentaagesen-rtvgjv/blog/WhatSortOfTinFoilHatsAreWornByPeople012
Title: More help

Search URL Search Domain Scan URL

URL: https://www.pearltrees.com/airbusbeer2/item519471458
Title: Click here!

Search URL Search Domain Scan URL

URL: https://link1s.com/
Title: Rút gọn link kiếm tiền

Search URL Search Domain Scan URL

URL: https://1shorten.com/
Title: All shorteners in One

Search URL Search Domain Scan URL

URL: https://kiemlua.com/
Title: Kiếm tiền Online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request R37A2K Show response
note1s.com/notes/ 33 KB
15 KB 573ms
277ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs / LarVPS

Resource Hash

55f58aab9962486171a0847c430f3bfc3f3b33958bed93882d01e6bbc9e08593

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 20 May 2023 15:23:04 GMT
server: fbs
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-hw: 1684596184.cds262.fr8.hn,1684596184.cds325.fr8.sc,1684596184.waf1-node02-fra02.stackpath.systems.-.wx,1684596184.cds325.fr8.p
x-powered-by: LarVPS
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
959 B 463ms
153ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 15:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 15:10:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 15:23:05 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 712ms
144ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 753969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDap7XwS0dH102%2FZi9Q%2Fq3Q8vKRUNYRza2FB%2BbPEvPHk7JZeddxxpCUm2bQui6o9M7Ft0emmcUddfV%2B0IkwQA3jKNFbBzBW63gYHuLiY9QrfF7Qw0Ng2lHlylCcR3pHFOnRTzjZ2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ca5942ddcbf37f8-FRA
expires: Thu, 09 May 2024 15:23:05 GMT

GET
H2 200 app.css
note1s.com/css/ 143 KB
28 KB 227ms
227ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/css/app.css?id=ebe28cb9d875b19bed6b
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/R37A2K
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:04 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 06:34:10 GMT
server: fbs
etag: W/"6459e962-23c92"
x-hw: 1684596184.cds262.fr8.hn,1684596184.cds323.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 27999

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 426ms
146ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129758818-11

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8b5f15dca66c16b78603183689c81de78840b932c874af986c3ff299c753260e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46497
x-xss-protection: 0
last-modified: Sat, 20 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 May 2023 15:23:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 509ms
218ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e95f105528cec6c3b1ccf8376261f5c1f2dd12cc1ee61225bcd4d373ce4f514c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25324
x-xss-protection: 0
server: cafe
etag: 953 / 19497 / m202305150101 / config-hash: 12351717780372853951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 15:23:05 GMT

GET
H/1.1 200
OK note1s.dfp.min.js Show response
cdn.exmarketplace.com/bidder/note1s/ 56 KB
18 KB 928ms
498ms Script
application/javascript 95.110.206.108
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exmarketplace.com/bidder/note1s/note1s.dfp.min.js
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.110.206.108 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host108-206-110-95.serverdedicati.aruba.it
Software: nginx/1.20.1 /
Resource Hash: faedfeefc726ed56cbd58f17290f2ea5833f455f12098ebb287fca796a21eac2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 May 2023 18:19:41 GMT
Content-Encoding: gzip
Via: 1.1 varnish (Varnish/5.2)
X-Cacheable: YES
age: 0
X-Cache: HIT
X-UnsetCookies: TRUE
Connection: keep-alive
Content-Length: 17810
Last-Modified: Fri, 19 May 2023 07:15:46 GMT
Server: nginx/1.20.1
ETag: "e1e7-5fc06b0a13ea5-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 231128007 202098485
Access-Control-Allow-Origin: *
cache-control: max-age=900
Accept-Ranges: bytes

GET
H2 200 logo.png
note1s.com/images/ 19 KB
19 KB 304ms
301ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://note1s.com/images/logo.png
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/R37A2K
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
last-modified: Tue, 09 May 2023 14:22:05 GMT
server: fbs
etag: "645a570d-4d27"
x-hw: 1684596185.cds262.fr8.hn,1684596185.cds160.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19751

GET
H2 200 tin-foillll.jpg
themindunleashed.com/wp-content/uploads/2014/05/ 62 KB
62 KB 2184ms
1608ms Image
image/webp 3.122.152.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themindunleashed.com/wp-content/uploads/2014/05/tin-foillll.jpg
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.122.152.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-152-250.eu-central-1.compute.amazonaws.com
Software: nginx/1.23.4 /
Resource Hash: b078d0e36319047ba298c71fdfbbf7c52699587d6863138dfb5021b7ec49ef9b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:07 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-ezoic-excludewebp: false
response: 200
last-modified: Sat, 09 Sep 2017 04:53:46 GMT
server: nginx/1.23.4
etag: "59b373da-24506-gzip"
x-origin-cache-control: max-age=604800
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=86400
x-proxy-cache: STATIC/TYPE

GET
H2 200 tin_foil_hat_3.png
crberryauthor.files.wordpress.com/2020/03/ 82 KB
82 KB 426ms
132ms Image
image/webp 192.0.72.26
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crberryauthor.files.wordpress.com/2020/03/tin_foil_hat_3.png?w=880&h=312&crop=1

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

57cd10686ae71459fe6c817253ebe772adcb88e83516bc7024168a873a9fcc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 26 np
date: Sat, 20 May 2023 15:23:05 GMT
x-content-type-options: nosniff, nosniff
last-modified: Wed, 11 Mar 2020 17:29:49 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://crberryauthor.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 84082
expires: Thu, 22 Jun 2023 17:45:36 GMT

GET
H2 200 site.js Show response
traffic1s.com/js/ 22 KB
6 KB 427ms
138ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic1s.com/js/site.js?v=7

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

nginx /

Resource Hash

271f3b24a9e7bfe207729f336ba2b31de3863ca7bd35ec9de2916478eed8771d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
last-modified: Wed, 19 Apr 2023 02:38:34 GMT
server: nginx
etag: W/"643f542a-5650"
x-frame-options: SAMEORIGIN
x-hw: 1684596185.cds333.fr8.hn,1684596185.cds203.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5494
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
note1s.com/js/ 258 KB
93 KB 140ms
140ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/js/app.js?id=0e83dba9e8630f1a1f92
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/R37A2K
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2023 06:34:10 GMT
server: fbs
etag: W/"6459e962-40688"
x-hw: 1684596185.cds262.fr8.hn,1684596185.cds275.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 94951

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 1484ms
166ms Script
text/javascript 13.227.219.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-52.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3d7664a9bc1602bae1581a2bb4181109516fb2ae83e439e272954399a8adb12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 May 2023 14:10:02 GMT
content-encoding: br
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 90785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Dec 2020 15:09:38 GMT
server: AmazonS3
etag: W/"c6ce2ec2de0e055e2cd4aa8901f10de9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: AsYcHcLAqmK9QbpTPs2mxAM8gP8jrx4tGmYyjwkJMaW68J7XUwYf3w==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 486ms
199ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

beefff72be74e76b7e27d9e9a857e357e6b77d65d43e6252146181076ecb6a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47360
x-xss-protection: 0
server: cafe
etag: 1486256109715235268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 May 2023 15:23:05 GMT

GET
H2 200 / Show response
note1s.com/sbbi/ Frame FF40 25 KB
11 KB 297ms
297ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=uL&sbbgs=h41fa314f676fa5d56a5286de56cd4b80340&ddl=1
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 44e9f7f6b20c1de26576d9613ab37d6f598fbe9178b8ab5e3e169709c08b10ad

Request headers

Referer: https://note1s.com/notes/R37A2K
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 20 May 2023 15:23:05 GMT
server: fbs
x-accel-expires: 0
x-hw: 1684596185.cds262.fr8.hn,1684596185.cds057.fr8.sc,1684596185.waf1-node02-fra02.stackpath.systems.-.i,1684596185.cds057.fr8.p

GET
H2 200 /
note1s.com/sbbi/ 43 B
261 B 296ms
296ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://note1s.com/sbbi/?sbbpg=utMedia&vii=1h14912f5a03e1c48fa6c7a62fca051dc5c6aa757238a60dee5546dc6da4db48s0t3m4u0
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/notes/R37A2K
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Sat, 20 May 2023 15:23:05 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1684596185.cds262.fr8.hn,1684596185.cds057.fr8.sc,1684596185.waf1-node02-fra02.stackpath.systems.-.i,1684596185.cds057.fr8.p
content-type: image/gif

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 14 KB
14 KB 419ms
134ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:30:45 GMT
x-content-type-options: nosniff
age: 3140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 14:30:45 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 290ms
145ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:05 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1017890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KHy3L58gpNraZDcpdt%2BFQKyND%2FxT7FZGl6LWc6TZVEOCYq7bZU%2BShzdQmac5lUwV5qzOl4w3jt1AMJvYuWgcM84LrAX1ctfLlj0D%2FgwqwPNa4UcRwwPclUBRuV4Ngse2a2LLRUD"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ca594304f24377b-FRA
expires: Thu, 09 May 2024 15:23:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 429ms
141ms Script
text/javascript 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: traffic1s.com
URL: https://traffic1s.com/js/site.js?v=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 03:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 03:57:43 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 4 KB
4 KB 350ms
159ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:16:22 GMT
x-content-type-options: nosniff
age: 403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4252
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:27:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:16:22 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 12 KB
13 KB 140ms
140ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://note1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:27:27 GMT
x-content-type-options: nosniff
age: 604538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12736
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:27:27 GMT

POST
H2 200 / Show response
note1s.com/sbbi/ Frame FF40 532 B
487 B 192ms
192ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=uL&sbbgs=h41fa314f676fa5d56a5286de56cd4b80340&ddl=1
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://note1s.com
Referer: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=uL&sbbgs=h41fa314f676fa5d56a5286de56cd4b80340&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 20 May 2023 15:23:06 GMT
server: fbs
x-accel-expires: 0
x-hw: 1684596185.cds262.fr8.hn,1684596185.cds330.fr8.sc,1684596186.waf1-node03-fra02.stackpath.systems.-.i,1684596186.cds330.fr8.p

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 408 KB
126 KB 137ms
137ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2261
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128722
x-xss-protection: 0
server: cafe
etag: 7615930951174331818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 19 May 2024 14:45:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 839 B
413 B 446ms
171ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=note1s.com

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

32a7b9d9bf98f3969f628f02f2f0a72b1123e80c28f4683f1b0c787ca2220ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388
x-xss-protection: 0
expires: Sat, 20 May 2023 15:23:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame D2E2 10 KB
5 KB 405ms
132ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 29708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 07:07:58 GMT
etag: 15057649708203361565
expires: Sat, 03 Jun 2023 07:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 433ms
137ms Script
text/javascript 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 May 2023 14:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2847
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 20 May 2023 16:35:39 GMT

GET
H2 200 / Show response
note1s.com/sbbi/ Frame FF40 7 KB
3 KB 144ms
144ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=uL
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: 11c84f2693b8cb0a56966621a000b1031c5249ab9cf85ec23fb2f4cb16923ec1

Request headers

Referer: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=uL&sbbgs=h41fa314f676fa5d56a5286de56cd4b80340&ddl=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 20 May 2023 15:23:06 GMT
server: fbs
x-accel-expires: 0
x-hw: 1684596186.cds262.fr8.hn,1684596186.cds057.fr8.sc,1684596186.waf1-node02-fra02.stackpath.systems.-.i,1684596186.cds057.fr8.p

GET
H/1.1 200
OK pm.js Show response
cdn.exmarketplace.com/bidder/ 10 KB
3 KB 145ms
145ms Script
application/javascript 95.110.206.108
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exmarketplace.com/bidder/pm.js
Requested by: Host: cdn.exmarketplace.com
URL: https://cdn.exmarketplace.com/bidder/note1s/note1s.dfp.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.110.206.108 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host108-206-110-95.serverdedicati.aruba.it
Software: nginx/1.20.1 /
Resource Hash: cddba030c45b4ea556c7ee07bb723bbffa04f0698d402b6a3274b0fde7e685e5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 May 2023 18:19:42 GMT
Content-Encoding: gzip
Via: 1.1 varnish (Varnish/5.2)
X-Cacheable: YES
age: 0
X-Cache: HIT
X-UnsetCookies: TRUE
Connection: keep-alive
Content-Length: 2857
Last-Modified: Mon, 19 Jul 2021 16:09:25 GMT
Server: nginx/1.20.1
ETag: "26d6-5c77c29471045-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 231128033 98307
Access-Control-Allow-Origin: *
cache-control: max-age=900
Accept-Ranges: bytes

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 839 B
413 B 172ms
171ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=note1s.com

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

32a7b9d9bf98f3969f628f02f2f0a72b1123e80c28f4683f1b0c787ca2220ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388
x-xss-protection: 0
expires: Sat, 20 May 2023 15:23:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 144ms
144ms XHR
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1910842933&t=pageview&_s=1&dl=https%3A%2F%2Fnote1s.com%2Fnotes%2FR37A2K&ul=en-us&de=UTF-8&dt=Note%3A%20What%20is%20the%20explanation%20behind%20individuals%20wearing%20tin%20foil%20hats&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1525506006&gjid=1759683975&cid=567942890.1684596187&tid=UA-129758818-11&_gid=1257926062.1684596187&_r=1&gtm=457e35h0&jsscut=1&z=1222533537

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 May 2023 15:23:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://note1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 151 KB
37 KB 598ms
213ms XHR
application/json 13.227.219.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-52.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 03:00:28 GMT
content-encoding: gzip
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 44560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 20 May 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 6VCxd33syhKd0cBtqfx5-jUfhCoD3ahoPpcyKlTDAgV4HQ6W7G9Tuw==

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 10 KB
3 KB 508ms
231ms XHR
application/json 18.66.15.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-11.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7174a8bff46f7c25aa0167fbf071096b488058459bf9d555ddd592ceea171804

Request headers

Accept: application/json, text/plain, */*
Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 03:00:36 GMT
x-amz-version-id: EA_SjBSkshypkIlfN0HhjKy2zyQuHOeN
content-encoding: br
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 44553
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 14 May 2023 19:52:29 GMT
server: AmazonS3
etag: W/"1b98afd5dc64e23911ff6ddbdf668803"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: smybsdjcBLhE00ZycrHvCqEjONDyVataJ8cJXovRsEDt5WQLttdFgQ==

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 412 KB
55 KB 160ms
160ms XHR
application/json 13.227.219.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-52.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c8fe5bc6a32607070351c84541e64d2e4178357e6f80e0e02c3d135c3f9752c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 03:00:37 GMT
content-encoding: gzip
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 44552
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 19 May 2023 14:31:23 GMT
server: AmazonS3
etag: W/"d55beec764506f2a764ded1e0643a12a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: wsmO5CSerbx-peUzu9ENY-qikKCxQVJVmY9ApHHaI6CzaBW4udKMcA==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 492ms
175ms Script
text/javascript 108.138.36.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-27.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 05:55:32 GMT
content-encoding: gzip
via: 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 34058
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: arca3x9sQ9pKEA--feZk7dGA5PvWs20BmYi0fqD-TtFHIgyrh9PIWA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 423ms
139ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:13:04 GMT
via: 1.1 google
age: 605
x-guploader-uploadid: ADPycdv-5YXTb_uwfBVJD0qyaIO5UPvL_VfITZJG2A7B-RsrBtaY1sBJ3UPx2hckOpTEIaWT4lkOqLFQLpchMkD1NAdYTQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sat, 20 May 2023 16:13:04 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 520ms
136ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 20 May 2023 15:23:09 GMT
x-content-type-options: nosniff
age: 8569
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 732
x-served-by: cache-fra-eddf8230085-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 489ms
138ms Script
text/javascript 18.66.123.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.194 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-123-194.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 May 2023 02:36:56 GMT
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 45974
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: _blaF_34rue6fqXeNQmiCOZDLkXgOTyGDQj5aQOSHHtFgzQmJhu4aw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 437ms
159ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: E4WC8ZW8FRBSGGPP
age: 337
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ca59445fa33372d-FRA
x-amz-id-2: TMsGokgS315E6FqOBpK9yhlvLe7KChSKw0QjhrjgzOykJJ1NA1RdC2F8KGuLwT24kR5DpOJ39SZBKc9KV8oH4w==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 506ms
219ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 21 May 2023 15:23:09 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 941ms
134ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 07:00:45 GMT
content-encoding: gzip
age: 2535744
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 20 Apr 2024 07:00:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
531 B 530ms
247ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=note1s.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 1414ms
138ms Script
application/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=note1s.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
843 B 755ms
754ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4427469890554953&correlator=2226019676022866&eid=31072020%2C31074686%2C31074764%2C31074768%2C31073558%2C31074508&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=42150330%3A22558101590%2Cnote1s%2Cnote1s_Incontent_1%2Cnote1s_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=728x90%7C300x250%7C336x280%7C580x400%7C360x300%2C1x1&ifi=1&adks=4158959527%2C743653958&didk=2054258831~2102096968&sfv=1-0-40&ists=1&fas=0%2C8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684596188794&lmt=1684596188&dlt=1684596184624&idt=1811&adxs=436%2C-9&adys=3217%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1&ucis=1%7C2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnote1s.com%2Fnotes%2FR37A2K&frm=20&vis=1&psz=1330x0%7C0x-1&msz=1330x0%7C0x-1&fws=0%2C2&ohw=0%2C0&ga_vid=567942890.1684596187&ga_sid=1684596189&ga_hid=1910842933&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY5cyHzoMxSABSAghkEhkKCnB1YmNpZC5vcmcY6syHzoMxSABSAghkEhcKCHJ0YmhvdXNlGOjMh86DMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjszIfOgzFIAFICCGQSGQoKdWlkYXBpLmNvbRjrzIfOgzFIAFICCGQSFAoFb3BlbngY7MyHzoMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjrzIfOgzFIAFICCGQ.

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

633ef1bd5efcb003a3a616ebc6ee8a7529d880e3cb79cb1c9806086effc85d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 813
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://note1s.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 768ms
184ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

df499f14cfdfddbca4fe75154efffc155d6093a1759332ccef2b6c0dcda20954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11029
x-xss-protection: 0

GET
H2 200 container.html Show response
0f5597e589f10cf53d17c6df0c05ac5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A567 6 KB
3 KB 774ms
151ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0f5597e589f10cf53d17c6df0c05ac5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 15:23:09 GMT
expires: Sun, 19 May 2024 15:23:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 36 KB
13 KB 132ms
132ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

de908e93aea0cafaa888a7bac1484a103fc232571a8d409b0913acc3c4f82c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 13:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5913
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12839
x-xss-protection: 0
server: cafe
etag: 429275192381491579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 19 May 2024 13:44:35 GMT

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 440ms
148ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://note1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://note1s.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 20 May 2023 15:23:09 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 71bb25e90318e818a7e0b3a1534283cc

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 256ms
256ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6104fcaa8c743400ee6a33063a8adbd60221092230eec13234a6c70f1aaf96ca

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 May 2023 15:23:09 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 473a0a77e801e8f6826ae67d08f95c58
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
610 B 649ms
174ms XHR
application/json 99.80.210.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: note1s.com
URL: https://note1s.com/notes/R37A2K
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.210.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-210-150.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2560aff96dffb02f4b6f0986d1fb91b22960918493ac308f3527552634e4c55f

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 May 2023 15:23:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://note1s.com
cache-control: no-cache
x-server: 10.45.12.162
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 408ms
138ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: note1s.com
URL: https://note1s.com/notes/R37A2K

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://note1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://note1s.com
date: Sat, 20 May 2023 15:23:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 208F 15 KB
6 KB 431ms
148ms Document
text/html 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 15:23:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 507335
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 543ms
260ms Script
text/javascript 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f129.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://note1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 May 2023 15:23:09 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 208F 457 B
568 B 141ms
141ms Fetch
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=note1s.com&sn=ChromeSyncframe&so=0&topUrl=note1s.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8f38d4de9eaac268589545c7e7e05e9aaeef7612f0a988c9644b29b18b970976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=note1s.com&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 May 2023 15:23:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1684101
expires: 0

GET esp
oajs.openx.net/ 0
0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 68A0 13 KB
5 KB 136ms
135ms Document
text/html 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f129.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 3486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 14:25:04 GMT
expires: Sun, 19 May 2024 14:25:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF3C 783 B
1 KB 420ms
146ms Document
text/html 142.250.186.68

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

a5b858d955ca8a88a1542c2305f9581369c9074df68a371b5de207870c113101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LcWr4o9Aa0RKvtNpVHxH0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LcWr4o9Aa0RKvtNpVHxH0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 15:23:10 GMT
expires: Sat, 20 May 2023 15:23:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 38B3
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

520 B
664 B

154ms
153ms

Document
text/html

34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 6c57bc08c33c06595fdb8522bd93a0680c372b39da5ec90039198dd8716a0476

Request headers

Referer: https://note1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 331
content-type: text/html
date: Sat, 20 May 2023 15:23:11 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 20 May 2023 15:23:10 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame 68A0 37 KB
15 KB 137ms
137ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 May 2023 16:56:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 16:56:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 68A0 0
40 B 430ms
429ms Image
text/plain 216.58.212.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ru3Y4w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f129.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:23:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF3C 0
0 169ms
168ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=4427469890554953&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame 38B3 0
0

GET match
c1.adform.net/serving/cookie/ Frame 38B3 0
0

GET openx
match.adsrvr.org/track/cmf/ Frame 38B3 0
0

GET pixel
cm.g.doubleclick.net/ Frame 38B3 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnote1s.com%2Fnotes%2FR37A2K&rid=esp

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=22

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/openx?oxid=2f294b00-55ee-3339-67be-2baa804f6a16&gdpr=0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDM0Njk4Y2EtOWM5OS02ZDlkLTcyNWUtNzExMzRhYWRhNDc2

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=4427469890554953&bg=!T0ylTBjNAAZ8_aWmXP07ADkAdvg8WgMfDrDM49zpPzihLPqrOkJEl0_s9S-yyHhAFzViI8Z0umGSUWKKduJtTHboewgDQihnHIYCAAAAcVIAAAADaAEHmQKR1sZxw-qFbsZUSZDu4aJVj5NWxG4AX79JRJh6a2J_xT9BrDA3C0ZfoX6xlVSLLRPBenb9ddBoGE7DL7TsgFz2EfWnbkjXS5p21rNE2IEnYiZ-_6SzxNQLBcoLLctupRYHD_17xr8fxefOStDZIwH169jKWDOv1iPsNT2wLQ6axCifaUB5BRJCcIMT1GcL1h10vrtAfyamPGB2Pb8QwS9R-PKyc5vIZlAoX8GgExfDIy0Zd4DGaaFf-7EYkqDhzI9vamu42-OBQCtoyEkddQ34IAfuwK6p08LAmkQcl1X-AkvoLc3P5y4r_aZyCHPIqprXIn36Z4QXaDSUNEhwCq5dzWxgJMKmHhPTRa4PZK1dSwVBSZAwUJocukyY5Kl4ifgIhioMouw9iF64G5QHzCXpmWVTb86ZLbvXaNURtJGJmP16dFG7BM72Iov9hA49ghdzXllzyUc0hTu4D2jJM1k_9KLNzX8KjBOg_bMnPvR-OoekST5xhFUu4W1teHrl1WhkmG4EaaH4eHTUSnEayjG8M9_8ktmY91UQe2Jpf60ax6YhtAQHAI6afk1TH2RY2aZQ_d2cHqiB5RlW3qhelNgY1hYBjqkibRsrsmjYzt8-jxi-pv7hPSyEhLWQ2WzQ8RCh-1ReptLVwFDbYjXVyIew5i8LqUp4Zt1_d29lvddEWGMJB5WrhkhSDfasAifptl7h9dd28LH2MV_I_9vKuEj5oeoreITQIQ4cQpgrLI5LJh2bTq8Yz9vlncA261tEhBoReUkF4mC2TdDDuWhROqsCv9CJ7lTkKYH7MWqBXFUR25EwiyYWbN3wkzSLO6JYu39GOWkhopET0jZ7NPTwrkWoNenMbehgxllpBXL8Uu_yMSK1

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
note1s.com/	1969-12-31 23:59:59	Name: SPSI Value: 119250ec8aca2c01cca773a0e54d6ad4
note1s.com/	1969-12-31 23:59:59	Name: SPSE Value: RrmbC//yFDsjMOM5oBanOvrH6KdGw6hZUU+G8mGBLBi4e+t3vDCASA3t8VP/so64hSji/QoCfT20T3fCrS5yfQ==
note1s.com/	1970-01-20 11:56:43	Name: spcsrf Value: b4d304726fe2702e6cc137440be14931
note1s.com/	1970-01-20 11:56:43	Name: XSRF-TOKEN Value: eyJpdiI6ImZrVDVteVk1R1Bad2VLek03cmVBK2c9PSIsInZhbHVlIjoiakFCUlc1eVV1TmpSQkhueHRXZ1ZXYTd2NXByODg2RFRoRjQvVUFJUkpqZzlCVjhGS2FYYllHbjg5RkRiam54WGxCcHlIRnJ3ZGpzSGs1cjBIV05ZQTNSL1pQdEJjVHphS0pTS24rQnpkU2QwQllSZWpqMXBKVlN5R3RYNnRQTEQiLCJtYWMiOiI1YWExNDdhZTZkMzQ1ZmU4YTM5ZDVmODgyODE2Yjg3MTA5MDk4YzE0OTY4NzJjMWVjMTc2NTNhY2JmYTk0ZDYxIn0%3D
note1s.com/	1970-01-20 11:56:43	Name: online_notepad_take_notes_and_earn_money_at_note1scom_session Value: eyJpdiI6Im5xdVQ1MUxsWUpSMTZ6Q0I0Z1NWK2c9PSIsInZhbHVlIjoiMXN0ajlvdURnWHh1dnBkY0tUMTBmT28xclVNSFBzZUQ1OWhObmcxOFFRUXFEQTVMZjQ1U21ScHFlUGw5cHpkVDJIR1FsdXJHZW8rQzljMjJNQlM1eUJtYUVNYndReVR5aUFwZE00WmhjejFZQlhHZWRhUHFhenVHUFBnUmNvVzYiLCJtYWMiOiI0NTExMjhjMWQzZjA0NWY1ZTJmZjk3MDkzM2M2YTYxODJlYjY0NjdmODkzNjJmMTI2YWFkMjQwZjJkY2ZjNzVkIn0%3D
note1s.com/	1970-01-20 11:56:36	Name: sp_lit Value: M9L7yOnCQvcS8clWUpDvlA==
note1s.com/	1969-12-31 23:59:59	Name: PRLST Value: uL
note1s.com/	1970-01-20 16:15:48	Name: UTGv2 Value: h41fa314f676fa5d56a5286de56cd4b80340
note1s.com/	1969-12-31 23:59:59	Name: adOtr Value: 52101c98eca
.note1s.com/	1970-01-20 21:32:36	Name: _ga Value: GA1.2.567942890.1684596187
.note1s.com/	1970-01-20 11:58:02	Name: _gid Value: GA1.2.1257926062.1684596187
.note1s.com/	1970-01-20 11:56:36	Name: _gat_gtag_UA_129758818_11 Value: 1
.doubleclick.net/	1970-01-20 11:56:37	Name: test_cookie Value: CheckForPermission
.note1s.com/	1970-01-20 21:18:12	Name: __gads Value: ID=60262f77eaa235f7:T=1684596188:S=ALNI_MayXSS4IyyI3cEZ2r9yN2hX-ymjNQ
.note1s.com/	1970-01-20 21:18:12	Name: __gpi Value: UID=00000c18a4f60c1e:T=1684596188:RT=1684596188:S=ALNI_MbgOAAVHUikgGVRCr_Gub4zXLH2ow
.criteo.com/	1970-01-20 21:18:12	Name: uid Value: a25499f3-1655-4b93-8c64-4a62203a812d
.note1s.com/	1970-01-20 21:18:12	Name: cto_bundle Value: AEpubl9EWkxWZnIxJTJGVG4lMkJYRnhYZlpRNHh6NDcwM1duUTdqZCUyQiUyRnhSRGx1VEp5eUNhcjZtQzQlMkY0b0hVOEFZRU9KWFE1QUc0elU5OFQzaFUxVW4ybWJPeFpqVUxsQ3dpZkglMkYlMkJXM0RZb2FIbDRIaFhBNjh2WjNsREVPeEx4UWpaRU8lMkJDbXJFdGRyREYlMkZOaUhOR00lMkZuNGV1JTJCRHJ3JTNEJTNE
.crwdcntrl.net/	1970-01-20 18:25:22	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 18:25:22	Name: _cc_id Value: b167a0abc93c46fbebcbd17ebcaaefe4
.note1s.com/	1970-01-20 18:25:24	Name: _cc_id Value: b167a0abc93c46fbebcbd17ebcaaefe4
.note1s.com/	1970-01-20 11:58:02	Name: panoramaId_expiry Value: 1684682589860

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://note1s.com/notes/R37A2K Message: Mixed Content: The page at 'https://note1s.com/notes/R37A2K' was loaded over HTTPS, but requested an insecure element 'http://themindunleashed.com/wp-content/uploads/2014/05/tin-foillll.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://note1s.com/notes/R37A2K(Line 209) Message: Mixed Content: The page at 'https://note1s.com/notes/R37A2K' was loaded over HTTPS, but requested an insecure element 'http://themindunleashed.com/wp-content/uploads/2014/05/tin-foillll.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://note1s.com/notes/R37A2K Message: Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Fnote1s.com%2Fnotes%2FR37A2K&rid=esp' from origin 'https://note1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnote1s.com%2Fnotes%2FR37A2K&rid=esp Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f5597e589f10cf53d17c6df0c05ac5e.safeframe.googlesyndication.com
adservice.google.com
adservice.google.ge
ajax.googleapis.com
bcp.crwdcntrl.net
c1.adform.net
cdn.exmarketplace.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
crberryauthor.files.wordpress.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
note1s.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
test.quantcast.mgr.consensu.org
themindunleashed.com
tpc.googlesyndication.com
traffic1s.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
match.adsrvr.org
oajs.openx.net
pagead2.googlesyndication.com
104.17.24.14
104.22.53.86
108.138.36.27
13.227.219.52
142.250.185.226
142.250.185.66
142.250.185.98
142.250.186.104
142.250.186.129
142.250.186.138
142.250.186.68
142.250.186.74
151.101.65.229
151.139.128.10
162.19.138.82
172.217.16.195
172.217.18.2
178.250.1.3
178.250.7.13
18.66.123.194
18.66.15.11
192.0.72.26
216.239.32.178
216.58.212.129
3.122.152.250
34.102.146.192
34.96.70.87
34.98.64.218
35.190.39.111
95.110.206.108
99.80.210.150
11c84f2693b8cb0a56966621a000b1031c5249ab9cf85ec23fb2f4cb16923ec1
2560aff96dffb02f4b6f0986d1fb91b22960918493ac308f3527552634e4c55f
271f3b24a9e7bfe207729f336ba2b31de3863ca7bd35ec9de2916478eed8771d
2c8fe5bc6a32607070351c84541e64d2e4178357e6f80e0e02c3d135c3f9752c
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
32a7b9d9bf98f3969f628f02f2f0a72b1123e80c28f4683f1b0c787ca2220ad2
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
44e9f7f6b20c1de26576d9613ab37d6f598fbe9178b8ab5e3e169709c08b10ad
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f58aab9962486171a0847c430f3bfc3f3b33958bed93882d01e6bbc9e08593
57cd10686ae71459fe6c817253ebe772adcb88e83516bc7024168a873a9fcc1e
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
6104fcaa8c743400ee6a33063a8adbd60221092230eec13234a6c70f1aaf96ca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633ef1bd5efcb003a3a616ebc6ee8a7529d880e3cb79cb1c9806086effc85d3b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c57bc08c33c06595fdb8522bd93a0680c372b39da5ec90039198dd8716a0476
7174a8bff46f7c25aa0167fbf071096b488058459bf9d555ddd592ceea171804
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
8b5f15dca66c16b78603183689c81de78840b932c874af986c3ff299c753260e
8f38d4de9eaac268589545c7e7e05e9aaeef7612f0a988c9644b29b18b970976
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5b858d955ca8a88a1542c2305f9581369c9074df68a371b5de207870c113101
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
acb56c6f7cb5d7535893ca8f3ede167db52e709927be848f4285ab3d92973bb8
b078d0e36319047ba298c71fdfbbf7c52699587d6863138dfb5021b7ec49ef9b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d7664a9bc1602bae1581a2bb4181109516fb2ae83e439e272954399a8adb12
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
beefff72be74e76b7e27d9e9a857e357e6b77d65d43e6252146181076ecb6a02
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
cddba030c45b4ea556c7ee07bb723bbffa04f0698d402b6a3274b0fde7e685e5
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
de908e93aea0cafaa888a7bac1484a103fc232571a8d409b0913acc3c4f82c43
df499f14cfdfddbca4fe75154efffc155d6093a1759332ccef2b6c0dcda20954
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e95f105528cec6c3b1ccf8376261f5c1f2dd12cc1ee61225bcd4d373ce4f514c
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d
faedfeefc726ed56cbd58f17290f2ea5833f455f12098ebb287fca796a21eac2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

note1s.com Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

89 %HTTPS

0 %IPv6

28 Domains

38 Subdomains

32 IPs

6 Countries

1044 kBTransfer

2917 kBSize

21 Cookies

7 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

note1s.com Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

89 %
HTTPS

0 %
IPv6

28
Domains

38
Subdomains

32
IPs

6
Countries

1044 kB
Transfer

2917 kB
Size

21
Cookies

66 HTTP transactions
0 data transactions