urlscan.io logo urlscan.io
SecurityTrails logo

secure.mycnote.com Open in urlscan Pro
52.43.6.166  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.mycnote.com/login
Submission: On April 29 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 16 domains to perform 46 HTTP transactions. The main IP is 52.43.6.166, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is secure.mycnote.com.
TLS certificate: Issued by Amazon on September 27th 2019. Valid for: a year.
This is the only time secure.mycnote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 52.43.6.166 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.35.253.113 16509 (AMAZON-02)
5 104.18.70.113 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 147.75.100.69 54825 (PACKET)
2 52.129.74.12 395492 (IOVATION3)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.71.113 13335 (CLOUDFLAR...)
1 35.188.42.15 15169 (GOOGLE)
1 147.75.102.13 54825 (PACKET)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 147.75.102.203 54825 (PACKET)
4 104.16.53.111 13335 (CLOUDFLAR...)
1 2a03:2880:f12... 32934 (FACEBOOK)
46 19
12    52.43.6.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-6-166.us-west-2.compute.amazonaws.com
secure.mycnote.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
2    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    13.35.253.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-113.fra6.r.cloudfront.net
content.mycnote.com
5    104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    147.75.100.69 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16
static.hotjar.com
2    52.129.74.12 (United States)

ASN395492 (IOVATION3, US)
PTR: mpsnare.iesnare.com
mpsnare.iesnare.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
1    35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1
script.hotjar.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress3
vars.hotjar.com
4    104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)
mycnote.zendesk.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
12 secure.mycnote.com secure.mycnote.com
5 static.zdassets.com secure.mycnote.com
static.zdassets.com
4 mycnote.zendesk.com secure.mycnote.com
static.zdassets.com
3 connect.facebook.net secure.mycnote.com
connect.facebook.net
3 content.mycnote.com secure.mycnote.com
2 fonts.gstatic.com secure.mycnote.com
2 mpsnare.iesnare.com secure.mycnote.com
mpsnare.iesnare.com
2 www.google-analytics.com secure.mycnote.com
2 cdnjs.cloudflare.com secure.mycnote.com
1 www.facebook.com secure.mycnote.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 sentry.io secure.mycnote.com
1 ekr.zdassets.com static.zdassets.com
1 static.hotjar.com secure.mycnote.com
1 fonts.googleapis.com secure.mycnote.com
1 unpkg.com secure.mycnote.com
1 maxcdn.bootstrapcdn.com secure.mycnote.com
0 www.google.de Failed secure.mycnote.com
0 www.google.com Failed secure.mycnote.com
46 20

This site contains links to these domains. Also see Links.

Domain
www.mycnote.com
Subject Issuer Validity Valid
*.mycnote.com
Amazon		 2019-09-27 -
2020-10-27		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.zdassets.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-25 -
2021-05-31		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
mpsnare.iesnare.com
DigiCert SHA2 High Assurance Server CA		 2019-04-24 -
2020-05-26		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2017-03-24 -
2020-06-21		 3 years crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
mycnote.zendesk.com
CloudFlare Inc ECC CA-2		 2019-08-01 -
2020-07-31		 a year crt.sh

This page contains 3 frames:

Primary Page: https://secure.mycnote.com/login
Frame ID: E2141E0696B196D4CDF27AD94C41BE32
Requests: 38 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.67ba507e0c169cffc983.js
Frame ID: A27538CB0A7D21DCDF81574ED1E14B23
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: BC598E68DFCB63644662AE900F0A9A59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

46
Requests

96 %
HTTPS

44 %
IPv6

16
Domains

20
Subdomains

19
IPs

6
Countries

976 kB
Transfer

3794 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385664584&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.mycnote.com%2Flogin&ul=en-us&de=UTF-8&dt=Secure%20CNote%20Account%20Log%20In.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1446153449&gjid=904892770&cid=150927189.1588179540&tid=UA-87944362-1&_gid=2119062215.1588179540&_r=1&z=1231319027 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87944362-1&cid=150927189.1588179540&jid=1446153449&_gid=2119062215.1588179540&gjid=904892770&_v=j81&z=1231319027 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87944362-1&cid=150927189.1588179540&jid=1446153449&_v=j81&z=1231319027

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
secure.mycnote.com/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
02422e2c906c6da0b77504e3deb6babf742bbb2bdb6d96aca439d38dd046fd43
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.mycnote.com
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 29 Apr 2020 16:58:58 GMT
content-type
text/html; charset=utf-8
server
nginx
x-dns-prefetch-control
off
x-frame-options
DENY
strict-transport-security
max-age=108864000000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
surrogate-control
no-store
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
referrer-policy
strict-origin-when-cross-origin
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
access-control-allow-origin
https://secure.mycnote.com
vary
Origin
etag
W/"30df-qJMy8o9K9gKpH5HwBohLFzjxhz8"
set-cookie
connect.sid=s%3A2GELjGwN-yie2h2Iod-Exse6ErsSr6MW.ZAUMeytkWjRCcmvKkAav%2FZ9kc9tTXIsaCbgAWW9muu4; Path=/; secure; Expires=Wed, 29 Apr 2020 17:28:58 GMT; HttpOnly; Secure
content-encoding
gzip
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		1 KB
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15760886
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
026879ac8200001f1dab214200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:26:46 GMT
server
cloudflare
etag
W/"5afd4ad6-50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58ba92273bc81f1d-FRA
expires
Mon, 19 Apr 2021 16:58:59 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		2 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4659382
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
026879ac8200001f1dab215200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:26:46 GMT
server
cloudflare
etag
W/"5afd4ad6-92d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58ba92273bca1f1d-FRA
expires
Mon, 19 Apr 2021 16:58:59 GMT
react-select.css
unpkg.com/react-select@1.2.1/dist/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-select@1.2.1/dist/react-select.css
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27c8b441cfe7e57d1c74f5ce1c9b00aec8001cb70d34248ec4a2db1cb411b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
15593257
status
200
vary
Accept-Encoding, Origin
cf-request-id
026879ac94000097a2e0383200000001
last-modified
Sat, 13 Jan 2018 03:39:31 GMT
server
cloudflare
etag
W/"287e-jndGQXQwwgEPPyr9gw4FZe98oJM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
x-cloud-trace-context
1245b3d3b75af593ea7e893469e6e4de
cache-control
public, max-age=31536000
cf-ray
58ba922758b097a2-FRA
css
fonts.googleapis.com/ 		1 KB
533 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla:400,700
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
935d4bfb2f4ee54774b809787f7911ec5d5a7afa03ac619c025b69ceffec31eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Apr 2020 16:58:59 GMT
server
ESF
date
Wed, 29 Apr 2020 16:58:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Apr 2020 16:58:59 GMT
login.bundle.css
secure.mycnote.com/bundle/ 		63 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/bundle/login.bundle.css
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
830805872206eae14968a7d088c604e3a5dcb73f2e05d73115bca58f05bfee89
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:53:32 GMT
server
nginx
x-frame-options
DENY
etag
W/"fc1b-171c2fed1e0"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
text/css; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
ga.js
secure.mycnote.com/external/ 		469 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/external/ga.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
332bf73fb2583537904f076eb92dd769f3952f85619b8380115aee4074e5ecfd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:48:30 GMT
server
nginx
x-frame-options
DENY
etag
W/"1d5-171c2fa3630"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
hotjar.js
secure.mycnote.com/external/ 		418 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/external/hotjar.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cc94a1b751b15f858cb9db1584c0c8f6d8748d91c1a25110aff5a9c03612dca7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:48:30 GMT
server
nginx
x-frame-options
DENY
etag
W/"1a2-171c2fa3630"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
iovation.config.js
secure.mycnote.com/external/ 		311 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/external/iovation.config.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c36a417cd81b93954db0f22246e38502fd43161cd85998517b4fccdcdcd3d491
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:48:30 GMT
server
nginx
x-frame-options
DENY
etag
W/"137-171c2fa3630"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
iovation.loader_v5.1.js
secure.mycnote.com/external/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/external/iovation.loader_v5.1.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
555c478b66daf5e75bf14a7d087eeab2f1e5e00cc7b85ade52e507fd6d7cdb90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:48:30 GMT
server
nginx
x-frame-options
DENY
etag
W/"1254-171c2fa3630"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
CNote_Header_Logo.png
content.mycnote.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.mycnote.com/images/CNote_Header_Logo.png
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-113.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2266622a43270473575ee45cf3b4f7d8d6643fb0734479f85dbc3ae5bbe41ba

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
jS3NtWzL1hJAowgDbK59w.sEdWtBlRZ2
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Fri, 13 Jul 2018 19:27:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"ae494c6ebe30fd5a1afc688b418ee860"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
public, max-age=86400
date
Wed, 29 Apr 2020 16:59:01 GMT
accept-ranges
bytes
content-length
7031
x-amz-cf-id
S5v9O8WczSHbvfh-6K6Zi04CE3UdguKnTVWqNa2WrvGCHgEypG70-A==
snippet.js
static.zdassets.com/ekr/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=2e2dfff4-5bd4-412e-bb98-c865640005bf
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
54
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
3F9AD50FB0A4FBC9
x-amz-id-2
fO+ftF+mKHff9Ewlj+Iy6sqdFzrpn59yBrDROR/NG1e3eqOoeXSU0dyNO2irbelnJcy8489pU9w=
last-modified
Mon, 02 Mar 2020 02:50:56 GMT
server
cloudflare
etag
W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
9jfU0J9VWlATjidupegYZZ3MvXR2S9Ct
cf-request-id
026879ae1f0000cc4eb78bd200000001
cf-ray
58ba9229cfd5cc4e-ZRH
zendesk.js
secure.mycnote.com/external/ 		164 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/external/zendesk.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
51139173f96578b41c6544782053d2158ee95b6555fea2fa7a2c9ea3809dac8b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:48:30 GMT
server
nginx
x-frame-options
DENY
etag
W/"a4-171c2fa3630"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
core.bundle.js
secure.mycnote.com/bundle/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/bundle/core.bundle.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0a9f5faf37e5f424f9397b41acffc22b01967491ece7439c6db44236a78d503e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:53:32 GMT
server
nginx
x-frame-options
DENY
etag
W/"1ac88-171c2fed1e0"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
login.bundle.js
secure.mycnote.com/bundle/ 		603 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/bundle/login.bundle.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cd4416cba3945c6b99eea4f97a429f8bf6c9c36ef7b0f3d0b4ec18fdbf3e6d0e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
status
200
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Apr 2020 22:53:32 GMT
server
nginx
x-frame-options
DENY
etag
W/"96dd8-171c2fed1e0"
x-download-options
noopen
strict-transport-security
max-age=108864000000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
expires
0
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/external/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
159
date
Wed, 29 Apr 2020 16:56:20 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 29 Apr 2020 18:56:20 GMT
hotjar-495218.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-495218.js?sv=6
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/external/hotjar.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress16
Software
/
Resource Hash
ad50e0a14e698560816e4e7651b3ec00030a6762f0cd1e7d65129d35d57dd0ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
section-io-tag
hotjar
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
content-length
1583
cache-control
max-age=60
etag
W/d057fb4376c13cc55ba3c413133f8b96
access-control-max-age
600
section-io-origin-status
200
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.077
section-io-id
ac27c9cb23f7851b60e95ce3887816de
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
static_wdp.js
secure.mycnote.com/iojs/general5/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/iojs/general5/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/static_wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/external/iovation.loader_v5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ab0c17e126740941d90b4b107e8d8a4921098aae1c270c56431632df58b7ae8d

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
gzip
last-modified
Tue, 06 May 2014 00:01:40 GMT
server
nginx
p3p
CP="NON DSP COR CURa"
status
200
cache-control
private
content-type
text/javascript; charset=utf-8
expires
Fri, 29 May 2020 16:58:59 GMT
wdp.js
mpsnare.iesnare.com/general5/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/ 		50 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/general5/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/external/iovation.loader_v5.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.129.74.12 , United States, ASN395492 (IOVATION3, US),
Reverse DNS
mpsnare.iesnare.com
Software
nginx /
Resource Hash
512bc8cc0479e9d32adfd8bcead01f39407afbcd9e07660ca7db65ae11a31ba6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Apr 2020 16:58:59 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
p3p
CP="NON DSP COR CURa"
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Expires
0
email.png
content.mycnote.com/images/account/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.mycnote.com/images/account/email.png
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-113.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54fa5d44125f5804d6a7fcf7930a43c8f9dc18fb63243206d5251bf32dfd0f

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2017 14:47:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"5f0569a986873328c06a404f1500888b"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
public, max-age=86400
date
Wed, 29 Apr 2020 16:59:01 GMT
accept-ranges
bytes
content-length
1276
x-amz-cf-id
_deXezpQj3pcW0U44Sa7EHT2gd3UHhOlFTlAlmOUkqBzviTraJ5s0Q==
social_sprite-v1.png
content.mycnote.com/images/landing/v1/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.mycnote.com/images/landing/v1/social_sprite-v1.png
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-113.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cde73a6baae636441a6822dde4a7609d26d76f3d07e172b73e1e88be9f3adff4

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Oct 2017 11:56:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"54effb7f518db037918ab094ca551dd1"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
cache-control
public, max-age=86400
date
Wed, 29 Apr 2020 16:59:01 GMT
accept-ranges
bytes
content-length
1179
x-amz-cf-id
xiRxAXxlJ0bfM3iElHIvm_IY3zXLnebTYF4_0FN_yWyyMApoJFfTbQ==
qkBWXvYC6trAT7zuC8m5xLtlmgzD.woff2
fonts.gstatic.com/s/karla/v13/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v13/qkBWXvYC6trAT7zuC8m5xLtlmgzD.woff2
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44a947b84d612dfbb0031de1b59f60bb6ba538445ae478cf4e0835ae856498c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Karla:400,700
Origin
https://secure.mycnote.com

Response headers

date
Fri, 10 Apr 2020 03:22:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Dec 2019 17:40:47 GMT
server
sffe
age
1690612
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6796
x-xss-protection
0
expires
Sat, 10 Apr 2021 03:22:07 GMT
qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v13/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v13/qkBbXvYC6trAT7RVLtyU5rZP.woff2
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Karla:400,700
Origin
https://secure.mycnote.com

Response headers

date
Thu, 23 Apr 2020 17:38:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Dec 2019 17:40:34 GMT
server
sffe
age
516042
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6332
x-xss-protection
0
expires
Fri, 23 Apr 2021 17:38:17 GMT
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1385664584&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.mycnote.com%2Flogin&ul=en-us&de=UTF-8&dt=Secure%20CNote%20Account%20Log%20In.&sd=24-bit&sr...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87944362-1&cid=150927189.1588179540&jid=1446153449&_gid=2119062215.1588179540&gjid=904892770&_v=j81&z=1231319027
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87944362-1&cid=150927189.1588179540&jid=1446153449&_v=j81&z=1231319027
0
0
2e2dfff4-5bd4-412e-bb98-c865640005bf
ekr.zdassets.com/compose/ 		543 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/2e2dfff4-5bd4-412e-bb98-c865640005bf
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2e2dfff4-5bd4-412e-bb98-c865640005bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe488c1964ec69fdde236cfedaea189f06458473379151bb3906d82a0ad0dcb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200, 200 OK
strict-transport-security
max-age=0
cf-request-id
026879ae710000cc3ee1910200000001
x-request-id
c2f8e6e6-187b-411a-b8ad-da3a23858457
x-runtime
0.002980
server
cloudflare
etag
W/"cbe488c1964ec69fdde236cfedaea189"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
58ba922a4cd6cc3e-ZRH
/
sentry.io/api/231850/security/ 		0
417 B 		Other
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Wed, 29 Apr 2020 16:59:00 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
access-control-allow-origin
https://secure.mycnote.com
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
0
ga-audiences
www.google.de/ads/ 		0
0
logo.js
mpsnare.iesnare.com/5.2.2/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/ 		477 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mpsnare.iesnare.com/5.2.2/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/logo.js
Requested by
Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.129.74.12 , United States, ASN395492 (IOVATION3, US),
Reverse DNS
mpsnare.iesnare.com
Software
nginx /
Resource Hash
b1d7819f48bf3ee51ed168f9004eb536e92fc70f849927abd51b956e4f3b46b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 16:58:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 May 2014 00:01:40 GMT
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
p3p
CP="NON DSP COR CURa"
Cache-Control
private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Expires
Thu, 29 Apr 2021 16:58:59 GMT
modules.de7e888e0955327c1dca.js
script.hotjar.com/ 		367 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.de7e888e0955327c1dca.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-495218.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress1
Software
/
Resource Hash
2c271c4a665faddbe0cc0775cffff81a985f7ee272e43b346d81cb0dc4fda652

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:58:59 GMT
content-encoding
br
age
96909
status
200
section-io-cache
Hit
content-length
70843
last-modified
Tue, 28 Apr 2020 14:00:26 GMT
etag
"8236059abaf6e318caaa8285194d3c2a"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.089
section-io-id
a561cb73310ee13077b183b215d2679b
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
dyn_wdp.js
secure.mycnote.com/iojs/5.3.0/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/iojs/5.3.0/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/dyn_wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/external/iovation.loader_v5.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7f114720c0e5a75aa76b5cd318726e1f3a699d85740d5b7d0335eb0a042341bb

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Apr 2020 16:59:00 GMT
content-encoding
gzip
server
nginx
p3p
CP="NON DSP COR CURa"
status
200
cache-control
no-cache, private
content-type
text/javascript; charset=utf-8
expires
0
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/bundle/login.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
TP6Qp5Jn3MCooxXEuVHKHw+KCHvsnZ7gcWKjzh1lHVmqn2qvNNwD27GkVohG6N3BJH1IbxY9m3hhaDqHSFcKTw==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Wed, 29 Apr 2020 16:59:00 GMT, Wed, 29 Apr 2020 16:59:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1385664584&t=pageview&_s=2&dl=https%3A%2F%2Fsecure.mycnote.com%2Flogin&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Secure%20CNote%20Account%20Log%20In.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEAB~&jid=&gjid=&cid=150927189.1588179540&tid=UA-87944362-1&_gid=2119062215.1588179540&z=1611512053
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Apr 2020 13:18:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2432434
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
preload.67ba507e0c169cffc983.js
static.zdassets.com/web_widget/latest/ Frame A275 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/preload.67ba507e0c169cffc983.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2e2dfff4-5bd4-412e-bb98-c865640005bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd35a1d6460bc4880c26dbdf7d3bfe216e54d3d84f660e64d73f32d714344803
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
43746
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
4BBC222ABFE18D1D
x-amz-id-2
/+sSL5JwFS6Jy4xUOLaV4ZSRPKuoNG+P2o+Npx4UNsGPo1icPNd4I/1KXwD+t0v+ERcjxX/pyAQ=
last-modified
Wed, 29 Apr 2020 04:38:05 GMT
server
cloudflare
etag
W/"be885d2bed606e851c3344172d430a56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
BsYB_x5XEnzrgR9TnCpySc6UkRjcLf_t
cf-request-id
026879b0eb0000cc4eb78eb200000001
cf-ray
58ba922e499ccc4e-ZRH
expires
Thu, 29 Apr 2021 04:38:04 GMT
vendors~web_widget.5f9455b566eeeb5e7324.chunk.js
static.zdassets.com/web_widget/latest/ Frame A275 		1 MB
279 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~web_widget.5f9455b566eeeb5e7324.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2e2dfff4-5bd4-412e-bb98-c865640005bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ad20dbca1ec66ce5fe85edbd024ca1f4f4de08bf960a4d718d6ecc2a98f212
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3865
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
E2640779C7B992F6
x-amz-id-2
l+u/axGqOhKFSNp9C6khKNs8tV8X4N1P2T6qli/l6FuNLlrzMUFuziU1iWSeApr5moJVbmTR70I=
last-modified
Wed, 29 Apr 2020 04:38:06 GMT
server
cloudflare
etag
W/"0a541654b0fee8b91c25e61e08aef795"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
f15XivGcQ4UHaEKRGfB4Jwq8bhX6AgbF
cf-request-id
026879b0eb0000cc4eb78ec200000001
cf-ray
58ba922e499fcc4e-ZRH
expires
Thu, 29 Apr 2021 04:38:05 GMT
web_widget.7fa49dc7690999ffd64b.chunk.js
static.zdassets.com/web_widget/latest/ Frame A275 		878 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.7fa49dc7690999ffd64b.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2e2dfff4-5bd4-412e-bb98-c865640005bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443be5afce8978b8226f2eff67f77ad96eb4f9406f9c77dd8f0f053948ffa39a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
43746
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
C0F68FFD2BD361B6
x-amz-id-2
VbbI/Oesc5Fd6aji5SFoABODMDRn+m3Yc3HLJH6nnTMTOR57f9h21Q+FuCSRd2cDXmD46or7Xtw=
last-modified
Wed, 29 Apr 2020 04:38:06 GMT
server
cloudflare
etag
W/"c33b19d2d0f4023d86e2570f6422f818"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
ViG9BKSuDBYmHl7grGkoVUXoJoNabXrY
cf-request-id
026879b0eb0000cc4eb78ed200000001
cf-ray
58ba922e49a4cc4e-ZRH
expires
Thu, 29 Apr 2021 04:38:05 GMT
identity.js
connect.facebook.net/signals/plugins/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
10620
x-xss-protection
0
pragma
public
x-fb-debug
zxHYPaNqg2BAbxW4tTB7E5tHaODKqQv/XOquWDttzIkcbNwrQ7L2ILdEel/YU7AdCH5Wughn+JcOHkxG9Gdfgw==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Wed, 29 Apr 2020 16:59:00 GMT, Wed, 29 Apr 2020 16:59:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
1242902119103410
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1242902119103410?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b71beafd9c3cebf77852c109fc7dd42fe2ebc9b28dd05f79e74eeac01e61f7e2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
k3/2rnsfhh8VENUX+7ZCATmd8Im3GQhEHvigXW9KLMdthsJ6m1dA+hH1jprJwL7IBtFC134omzXgDMTd9dSa9A==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Wed, 29 Apr 2020 16:59:00 GMT, Wed, 29 Apr 2020 16:59:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame BC59 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-495218.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress3
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.mycnote.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://secure.mycnote.com/

Response headers

status
200
date
Wed, 29 Apr 2020 16:59:00 GMT
content-type
text/html
content-length
851
last-modified
Wed, 25 Mar 2020 15:18:29 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.092
section-origin-responded
true
age
2978928
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
b4c305fdc75f61a081ef8d06caaef442
logo.js
secure.mycnote.com/iojs/5.3.0/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/ 		477 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.mycnote.com/iojs/5.3.0/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/logo.js
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/iojs/general5/tm1cry07Wg8CtLY792Ij-IwJ2C8wyyG-hIhq8L0VR8M/static_wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.6.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-6-166.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
653e01bf5a8bf92064e6b1897a0aea438c446f7735b05044b11c866b674d0992

Request headers

Referer
https://secure.mycnote.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT
content-encoding
gzip
last-modified
Tue, 06 May 2014 00:01:40 GMT
server
nginx
p3p
CP="NON DSP COR CURa"
status
200
cache-control
private
content-type
text/javascript; charset=utf-8
expires
Thu, 29 Apr 2021 16:59:00 GMT
config
mycnote.zendesk.com/embeddable/ 		396 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mycnote.zendesk.com/embeddable/config
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/bundle/login.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21a7a588bde2e11eb7797cddef38f52b922e36e3d5473d96fbc3cc0995414cdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=31536000;
vary
Origin, Accept-Encoding
cf-request-id
026879b15a0000cc3ecf986200000001
x-request-id
58ba922efe10cc3e-SEA
x-runtime
0.027508
server
cloudflare
etag
W/"21a7a588bde2e11eb7797cddef38f52b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server
embeddable-app-server-598798f67c-6btxc
cf-ray
58ba922efe10cc3e-ZRH
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1242902119103410&ev=PageView&dl=https%3A%2F%2Fsecure.mycnote.com%2Flogin&rl=&if=false&ts=1588179540272&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1588179540269.1742300981&it=1588179540203&coo=false&rqm=GET
Requested by
Host: secure.mycnote.com
URL: https://secure.mycnote.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.mycnote.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT, Wed, 29 Apr 2020 16:59:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 29 Apr 2020 16:59:00 GMT
embeddable_blip
mycnote.zendesk.com/ Frame A275 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mycnote.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29sb3IiOnsidGhlbWUiOiIjMzI5ODlCIiwibGF1bmNoZXJUZXh0IjoiI0ZGRkZGRiJ9fX0sImJ1aWQiOiIxMTk0OWUwZjQ5YWY3M2E4ZWRlMTY5MzNkZjI4NDY1ZCIsInN1aWQiOiJkZTBmMDYzNjgyNmNiOTM2OGUzMDg3ZTRmNGU3YzllOSIsInZlcnNpb24iOiJmMThmNGEzMzAiLCJ0aW1lc3RhbXAiOiIyMDIwLTA0LTI5VDE2OjU5OjAwLjY2N1oiLCJ1cmwiOiJodHRwczovL3NlY3VyZS5teWNub3RlLmNvbS9sb2dpbiJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.5f9455b566eeeb5e7324.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://secure.mycnote.com
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
cf-ray
58ba92314a81cc3e-ZRH
content-length
0
cf-request-id
026879b2c80000cc3ecf9b0200000001
en-us.39cd5e9a02de31b5bebb.js
static.zdassets.com/web_widget/latest/locales/ Frame A275 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us.39cd5e9a02de31b5bebb.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.5f9455b566eeeb5e7324.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9ccd92da0f2945598b58ab70a3f546117b05134fbda7a6880c8f75f4525e96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
43742
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
7C713D7C1167AD50
x-amz-id-2
YAliy4tmjNjQ99yvdfjFT9lrwCoQXV78NRBmYR+vRPwWt+SYJaHcDLgfy/pyngjn04NqFa5/I6o=
last-modified
Wed, 29 Apr 2020 04:38:24 GMT
server
cloudflare
etag
W/"39cd5e9a02de31b5bebb818a773ec707"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
w7N7RGUMCBxoUZdHWjTMqTJAE5H7VQOz
cf-request-id
026879b2c80000cc4eb7900200000001
cf-ray
58ba92314878cc4e-ZRH
expires
Thu, 29 Apr 2021 04:38:23 GMT
ticket_fields
mycnote.zendesk.com/embeddable/ Frame A275 		238 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mycnote.zendesk.com/embeddable/ticket_fields?locale=en-US
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.5f9455b566eeeb5e7324.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dab2ea25cb0b748d8b8cbdf3774d250492c41b1544bb6b395c2658cc2f29822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
strict-transport-security
max-age=31536000;
vary
Origin, Accept-Encoding
cf-request-id
026879b3150000cc3ecf9be200000001
x-request-id
58ba9231bb74cc3e-ZRH
x-runtime
0.126152
server
cloudflare
etag
W/"8dab2ea25cb0b748d8b8cbdf3774d250"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public
x-zendesk-origin-server
embeddable-app-server-598798f67c-6sx2s
cf-ray
58ba9231bb74cc3e-ZRH
embeddable_blip
mycnote.zendesk.com/ Frame A275 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mycnote.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vc2VjdXJlLm15Y25vdGUuY29tL2xvZ2luIiwidGltZSI6MjM2LCJsb2FkVGltZSI6NDguODg0OTk5MDA2OTg2NjIsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJTZWN1cmUgQ05vdGUgQWNjb3VudCBMb2cgSW4uIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgbWF4aW11bS1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiJhZTYwMTUyY2NlN2Q5NjA5NjNkYzI4ZDliMDU4ZDUyMCIsInN1aWQiOiJhOGQ4NmYwM2Q4YTU0MjlmMzkwMDZkODM3NDYwNmRjOSIsInZlcnNpb24iOiJmMThmNGEzMzAiLCJ0aW1lc3RhbXAiOiIyMDIwLTA0LTI5VDE2OjU5OjAwLjg5NFoiLCJ1cmwiOiJodHRwczovL3NlY3VyZS5teWNub3RlLmNvbS9sb2dpbiJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.5f9455b566eeeb5e7324.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 16:59:01 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://secure.mycnote.com
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
cf-ray
58ba9232ad34cc3e-ZRH
content-length
0
cf-request-id
026879b3a80000cc3ecf9cc200000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87944362-1&cid=150927189.1588179540&jid=1446153449&_v=j81&z=1231319027
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87944362-1&cid=150927189.1588179540&jid=1446153449&_v=j81&z=1231319027&slf_rd=1&random=1480769198

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings string| io_global_object_name object| IGLOO object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| zEWebpackACJsonp function| setImmediate function| clearImmediate function| zE function| zEmbed object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| zESettings boolean| zEACLoaded object| __core-js_shared__ object| core object| regeneratorRuntime boolean| _babelPolyfill object| scCGSHMRCache object| html function| html_sanitize object| __SENTRY__ function| fbq function| _fbq string| CNOTE_VERSION function| $zopim

7 Cookies

Domain/Path Name / Value
.mycnote.com/ Name: _fbp
Value: fb.1.1588179540269.1742300981
.mycnote.com/ Name: _gid
Value: GA1.2.2119062215.1588179540
.mycnote.com/ Name: _ga
Value: GA1.2.150927189.1588179540
.mycnote.com/ Name: _hjid
Value: 729d13d3-fc58-478a-9aee-ea902d3cbdda
secure.mycnote.com/ Name: fp_token_7c6a6574-f011-4c9a-abdd-9894a102ccef
Value: KgRXTf/WXuUOxJeGiMmBh+4SSX7bbVD/WyXKOPKcCmo=
.mycnote.com/ Name: _gat
Value: 1
secure.mycnote.com/ Name: connect.sid
Value: s%3A2GELjGwN-yie2h2Iod-Exse6ErsSr6MW.ZAUMeytkWjRCcmvKkAav%2FZ9kc9tTXIsaCbgAWW9muu4

1 Console Messages

Source Level URL
Text
console-api warning URL: https://secure.mycnote.com/bundle/login.bundle.js(Line 2)
Message:
[Facebook Pixel] - Call to "fbq('set', 'autoConfig', Boolean, Number);" with parameter "pixel_id" has an invalid value of "Number"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com https://fonts.googleapis.com optimize.google.com https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css https://unpkg.com/react-select@1.2.1/dist/react-select.css https://secure.mycnote.com/widget/calculator/style.css https://content.mycnote.com https://www.dwolla.com; script-src 'self' cdn.dwolla.com ekr.zdassets.com static.zdassets.com www.google-analytics.com *.hotjar.com www.googleadservices.com googleads.g.doubleclick.net connect.facebook.net mpsnare.iesnare.com https://secure.mycnote.com/widget/calculator/bundle.js; font-src 'self' fonts.googleapis.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.hotjar.com data: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.ttf https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.woff https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.eot https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/fonts/slick.svg; img-src 'self' content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com *.hotjar.com data: cdn.mycnote.com; connect-src 'self' mycnote.zendesk.com ekr.zdassets.com www.google-analytics.com stats.g.doubleclick.net sentry.io wss://*.hotjar.com *.hotjar.com:* vc.hotjar.io wss://mpsnare.iesnare.com; frame-src 'self' *.hotjar.com www.dwolla.com https://secure.mycnote.com/widget/calculator/; frame-ancestors 'none'; media-src content.mycnote.com mk0mycnoteej5y7x45qo.kinstacdn.com mpsnare.iesnare.com; base-uri *.mycnote.com; upgrade-insecure-requests; report-uri https://sentry.io/api/231850/security/?sentry_key=e8829be5535f4d43bbfa156a887ef030&sentry_environment=production&sentry_release=0.0.1582
Strict-Transport-Security max-age=108864000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
content.mycnote.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
mycnote.zendesk.com
script.hotjar.com
secure.mycnote.com
sentry.io
static.hotjar.com
static.zdassets.com
unpkg.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.com
www.google.de
104.16.53.111
104.18.70.113
104.18.71.113
13.35.253.113
147.75.100.69
147.75.102.13
147.75.102.203
2001:4de0:ac19::1:b:3a
2606:4700::6810:7eaf
2606:4700::6810:84e5
2a00:1450:4001:801::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:821::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.188.42.15
52.129.74.12
52.43.6.166
02422e2c906c6da0b77504e3deb6babf742bbb2bdb6d96aca439d38dd046fd43
03ad20dbca1ec66ce5fe85edbd024ca1f4f4de08bf960a4d718d6ecc2a98f212
0a9f5faf37e5f424f9397b41acffc22b01967491ece7439c6db44236a78d503e
0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
21a7a588bde2e11eb7797cddef38f52b922e36e3d5473d96fbc3cc0995414cdc
2c271c4a665faddbe0cc0775cffff81a985f7ee272e43b346d81cb0dc4fda652
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
332bf73fb2583537904f076eb92dd769f3952f85619b8380115aee4074e5ecfd
443be5afce8978b8226f2eff67f77ad96eb4f9406f9c77dd8f0f053948ffa39a
44a947b84d612dfbb0031de1b59f60bb6ba538445ae478cf4e0835ae856498c3
51139173f96578b41c6544782053d2158ee95b6555fea2fa7a2c9ea3809dac8b
512bc8cc0479e9d32adfd8bcead01f39407afbcd9e07660ca7db65ae11a31ba6
555c478b66daf5e75bf14a7d087eeab2f1e5e00cc7b85ade52e507fd6d7cdb90
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
653e01bf5a8bf92064e6b1897a0aea438c446f7735b05044b11c866b674d0992
7f114720c0e5a75aa76b5cd318726e1f3a699d85740d5b7d0335eb0a042341bb
830805872206eae14968a7d088c604e3a5dcb73f2e05d73115bca58f05bfee89
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dab2ea25cb0b748d8b8cbdf3774d250492c41b1544bb6b395c2658cc2f29822
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
935d4bfb2f4ee54774b809787f7911ec5d5a7afa03ac619c025b69ceffec31eb
ab0c17e126740941d90b4b107e8d8a4921098aae1c270c56431632df58b7ae8d
ad50e0a14e698560816e4e7651b3ec00030a6762f0cd1e7d65129d35d57dd0ee
b1d7819f48bf3ee51ed168f9004eb536e92fc70f849927abd51b956e4f3b46b5
b71beafd9c3cebf77852c109fc7dd42fe2ebc9b28dd05f79e74eeac01e61f7e2
b9ccd92da0f2945598b58ab70a3f546117b05134fbda7a6880c8f75f4525e96a
c36a417cd81b93954db0f22246e38502fd43161cd85998517b4fccdcdcd3d491
cbe488c1964ec69fdde236cfedaea189f06458473379151bb3906d82a0ad0dcb
cc94a1b751b15f858cb9db1584c0c8f6d8748d91c1a25110aff5a9c03612dca7
cd4416cba3945c6b99eea4f97a429f8bf6c9c36ef7b0f3d0b4ec18fdbf3e6d0e
cde73a6baae636441a6822dde4a7609d26d76f3d07e172b73e1e88be9f3adff4
d2266622a43270473575ee45cf3b4f7d8d6643fb0734479f85dbc3ae5bbe41ba
d27c8b441cfe7e57d1c74f5ce1c9b00aec8001cb70d34248ec4a2db1cb411b21
dd35a1d6460bc4880c26dbdf7d3bfe216e54d3d84f660e64d73f32d714344803
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ee54fa5d44125f5804d6a7fcf7930a43c8f9dc18fb63243206d5251bf32dfd0f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c