notes.io Open in urlscan Pro
2606:4700:3030::ac43:b188 Public Scan

URL:
https://notes.io/XxC7
Submission: On July 19 via manual (July 19th 2021, 5:57:20 am UTC) from VN

Summary HTTP 70 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 12 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3030::ac43:b188, located in United States and belongs to CLOUDFLARENET, US. The main domain is notes.io.
TLS certificate: Issued by R3 on July 6th 2021. Valid for: 3 months.

This is the only time notes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:303... 2606:4700:3030::ac43:b188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	185.29.133.223 185.29.133.223	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	85.114.131.234 85.114.131.234	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
70	24

33 2606:4700:3030::ac43:b188 (United States)

ASN13335 (CLOUDFLARENET, US)

notes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.223 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.234 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	notes.io notes.io	269 KB
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	178 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 8019191.fls.doubleclick.net	12 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900024.redintelligence.net	9 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	google.com 1 redirects www.google.com adservice.google.com	937 B
2	contentspread.net cdn.contentspread.net	25 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.de www.google.de adservice.google.de	272 B
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
1	googleadservices.com partner.googleadservices.com	655 B
1	cloudflare.com ajax.cloudflare.com	4 KB
70	12

	Domain	Requested by
33	notes.io	notes.io ajax.cloudflare.com
7	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	hal900024.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900024.redintelligence.net
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
2	cdn.contentspread.net	hal900024.redintelligence.net
2	8019191.fls.doubleclick.net	1 redirects notes.io
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com 8019191.fls.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ssl.google-analytics.com	1 redirects notes.io
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	notes.io
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de
1	stats.g.doubleclick.net	1 redirects
1	ajax.cloudflare.com	notes.io
70	19

This site contains links to these domains. Also see Links.

Domain
directmessage.xyz
www.metromedya.com

Subject Issuer	Validity	Valid
*.notes.io R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://notes.io/XxC7
Frame ID: 154FFBFB977862C6417C9A87DFE4D1A4
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: 90C16D9F8B99D32B9E5D3333DC2307D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1626674223&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223307&bpp=4&bdt=163&idt=112&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=6928118977816&frm=20&pv=2&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=194&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oYmpaGumZW&p=https%3A//notes.io&dtd=128
Frame ID: EA6282CF51FD0610516B21B22151D707
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1626674223&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223311&bpp=1&bdt=167&idt=130&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=1335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XrsYK90wKe&p=https%3A//notes.io&dtd=133
Frame ID: BD9B3C9CDAA21913EBD8CCC8E6CBFC61
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1626674223&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnotes.io%2FXxC7&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223332&bpp=1&bdt=188&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=118
Frame ID: 48BC9E86F6C87B514A89EDE5ACD97024
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 86E90E52F7E1AC0650EA9B5F1A4BFB8A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 600534BFC9A874C16F8469117CEA9799
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837
Frame ID: C3C5ED0247FBD1BE1E3AE84630562E68
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=37756700023257700951389011660024&a=da1e7f2d
Frame ID: C764AF8D3C928D04E11EF4E4DD0FB155
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

70
Requests

100 %
HTTPS

72 %
IPv6

12
Domains

19
Subdomains

24
IPs

4
Countries

581 kB
Transfer

1116 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://directmessage.xyz/
Title:

Search URL Search Domain Scan URL

URL: http://www.metromedya.com/en
Title: Metromedya

Search URL Search Domain Scan URL

URL: http://www.metromedya.com/tr/hizmetlerimiz/ios-uygulama-gelistirme.html
Title: ios uygulama geliştirme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1561580327&utmhn=notes.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Set%20Kem%20Tr%E1%BB%8B%20N%C3%A1m&utmhid=955784576&utmr=-&utmp=%2FXxC7&utmht=1626674223412&utmac=UA-18039671-1&utmcc=__utma%3D225778053.161772118.1626674223.1626674223.1626674223.1%3B%2B__utmz%3D225778053.1626674223.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1911739031&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327&slf_rd=1&random=3829134629

Request Chain 62

https://hal900024.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=24c5fc1cc0&subid=&uid=e0911de075dd4578&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1564958194106604084%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_cid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotes.io%2F&ancestorOrigins=https%3A%2F%2Fnotes.io&random=5127343488226&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=24c5fc1cc0&subid=&uid=e0911de075dd4578&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1564958194106604084%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_cid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotes.io%2F&ancestorOrigins=https%3A%2F%2Fnotes.io&random=5127343488226&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 63

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request XxC7 Show response
notes.io/ 13 KB
5 KB 213ms
152ms Document
text/html 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://notes.io/XxC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.20

Resource Hash

543bc5bfa2be2fbfa562f1883e14d73235ca89bf39969296f433d9a2794d4c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: notes.io
:scheme: https
:path: /XxC7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.20
set-cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYYjMoxBNgslBVBVhTP4X8pUJhCB632AULasG2Yjek773Noi31fDpuRsTpB%2Foz1FMFv%2BBVz68SM9tgsTK5cSlguq8zkJQD7NxJkybfKJvKqAptH8WP%2BR%2BN1MipNpVniAstnPb8a06g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6711b5c5aab764df-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 notes.min.css
notes.io/theme/styles/ 12 KB
4 KB 58ms
45ms Stylesheet
text/css 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fb5e4b3f3c89d790b0421abe2100d6f2ca3260040541dcc965a9d376eff7fb

Request headers

:path: /theme/styles/notes.min.css?id=426400214
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 10 May 2021 22:52:36 GMT
server: cloudflare
etag: W/"6099b934-2e85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oorT%2Be58mqqq8ZvQYYjw5aDtl4sufNCnKbH6xy6FXr7rDQjRHdh9BsqV4q%2Bz%2BxDPggSpsuTrWNpZMR6EihguXnVQPDuySPUc9cJ7vqM5R82KYnuWwWAyV4mIkIZucQa4Sv%2BUiN66Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000, no-transform
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6711b5c6bf3705f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 19 Jul 2022 05:57:03 GMT

GET
H3-29 200 whatisnotesio.png
notes.io/theme/images/ 2 KB
3 KB 26ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/whatisnotesio.png
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 158f11817e30926c37f49be07c92f1135b1c01c44da92cdf6f8255a93304b75c

Request headers

:path: /theme/images/whatisnotesio.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564357
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2110
last-modified: Fri, 21 Feb 2020 23:16:01 GMT
server: cloudflare
etag: "5e5064b1-83e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvsclOfEENJ4YZ3mVoOHknYLou4zQPi0hwQceDe0ZRUSrKdqZkgwvLfaN5oQgNvK7587jkAHg%2FH2coA0SCvQjhFQhzdzb%2FzVdHfRzG05IjNpFtCIhR4CqNpetKVZzPT89gkAKu%2FoJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c6bf2905f5-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H3-29 200 logo.png
notes.io/theme/images/ 7 KB
8 KB 24ms
12ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/logo.png
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77958bf68663ac66add06e72ec2e94521f8d709fda64ebe3b8fa60fb22e46b7f

Request headers

:path: /theme/images/logo.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564357
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7639
last-modified: Fri, 21 Feb 2020 23:11:38 GMT
server: cloudflare
etag: "5e5063aa-1dd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6rki3XldPu4sbaBeq6K9i0NZig2zZ70Sg44NSkCh9oG3B1F03rRa2sSmK6ddhspgOxPF0KU8%2BY0RxwqcX2WRCaMYW7FDXy6Mm2oqOcV5CHMDJpOXwbN0xrQAgKFh2Ya9pmf44IQUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c6bf2d05f5-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H3-29 200 fastEasyShort.png
notes.io/theme/images/ 1 KB
2 KB 43ms
32ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/fastEasyShort.png
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db07a0f9d2bfd471742e819ccd161fb39a71cf278bf7c8e8e28a874986cf7ed3

Request headers

:path: /theme/images/fastEasyShort.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564357
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1353
last-modified: Mon, 24 Feb 2020 22:01:03 GMT
server: cloudflare
etag: "5e54479f-549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxSBvUt62AD2sey0K05AHV%2Bh66gz%2Fli5QvM4NoZLSlDEPJLu6Sxd3KP1pYNcLquU27YK4GU15H%2B%2FKzIYOnM1B95HOmGH8IWsS2LEQ%2F1PUtKm2U0dq0Gq%2FA%2BEbJZl6EQRpnlfqbcFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c6bf3205f5-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H3-29 200 background.jpg
notes.io/theme/images/ 96 KB
97 KB 27ms
16ms Image
image/jpeg 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/background.jpg
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10

Request headers

:path: /theme/images/background.jpg
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564357
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 98299
last-modified: Fri, 21 Feb 2020 23:11:10 GMT
server: cloudflare
etag: "5e50638e-17ffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r694PnKr2RYp1bi7P9azqv%2BkJ07cTvxKa76eht9JbuITjGoJbsSgq%2B%2BpuxEAU%2FfhnyqZapWUht6B8MZRo8fsUbBisnQ4VLbi3O%2FnU7THBFP4Oi0uD7EFsUZ31xm2exWCiJ3OW5C6WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c6bf3105f5-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H3-29 200 ajax-loader.gif
notes.io/theme/images/ 2 KB
2 KB 44ms
32ms Image
image/gif 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/ajax-loader.gif
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a

Request headers

:path: /theme/images/ajax-loader.gif
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564357
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1785
last-modified: Fri, 21 Feb 2020 23:16:02 GMT
server: cloudflare
etag: "5e5064b2-6f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1YoSWlhTIlagaX1fmGp6XYgmF0BYq162LP%2FkKJZ7ydP8cJl3a0G3%2Bxbzfh%2BMerlYhqB8TA7y8txRWtV4M9ujuhSh3RxZzxsK%2Fj6rL9fDkGfBtOiX7uAbYwpLsC2DMDx1Dn7PcdqSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c6bf3305f5-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H3-29 200 directMessageBanner.jpg
notes.io/theme/banners/ 61 KB
62 KB 30ms
19ms Image
image/jpeg 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/banners/directMessageBanner.jpg
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f55ac24900e07eacb9ba779ad017a5120824c93b3b9788ae44d49b395c3542

Request headers

:path: /theme/banners/directMessageBanner.jpg
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564357
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 62530
last-modified: Thu, 06 May 2021 21:23:20 GMT
server: cloudflare
etag: "60945e48-f442"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEkmKcUoTzGwcJb0rYDt8fy3UN6LhioxcY%2FWgD3erqETKBsxFhm4XU0ruqIMiJSe3mBZrQidsCKZmHJD8zn12c0Bdrm%2F2st8IXywG%2FmTbKHsbgaLBrqNf2ftW4sPtT6HXyHeBmR9lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c6bf3405f5-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H3-29 200 email-decode.min.js Show response
notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
10ms Script
application/javascript 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: notes.io
URL: https://notes.io/XxC7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b5eeff037000005f50d832000000001
last-modified: Tue, 13 Jul 2021 12:14:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed83be-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPbNYuKYx53jkfKYhnUQMu8PmMEkhyKw%2BVDdXcSdz3dJGvLhdZcuL5m86KwldpI7TZyMMyeEtz7GFdR%2BLR9HEFMJWGnloVSsfSclE2eBGhhZHbFkLGxj5zxb2lXcrYKHCC%2Blm3Of5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 6711b5c6bf2f05f5-FRA
expires: Wed, 21 Jul 2021 05:57:03 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 32ms
16ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: notes.io
URL: https://notes.io/XxC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b5eeff03c00004aaa6f923000000001
last-modified: Tue, 13 Jul 2021 12:14:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed83be-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ToqDiZwo4XFgahxRQvt36GFDbqkTyGT9SOth25wtxBMSPPoxuDLSkc%2BUWcUvM8mYIB4UIWlqy%2BCnCsMFV2vBAJ0MKgjfUWlffpFamYtMehNLeLd7%2B%2BCnJ%2BeEkQj2Hgyuu3d1nEmFgY14l9A3%2BIqY%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6711b5c6c8084aaa-FRA
expires: Wed, 21 Jul 2021 05:57:03 GMT

GET
H3-29 200 notes.min.js Show response
notes.io/theme/scripts/ 6 KB
6 KB 18ms
17ms Script
application/javascript 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/scripts/notes.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210ce18fc43f351e1779820524493a298b577ff52fbcf977c89e16c40c6b5174

Request headers

:path: /theme/scripts/notes.min.js
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5783
last-modified: Wed, 29 Apr 2020 19:15:23 GMT
server: cloudflare
etag: "5ea9d24b-1697"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA6ubiKhf0CnaEr7fezYlko9veeEChZmXUP7WabRYE7x2Gl73fEgkLgUWr5XSaut6qSBD7UJJ6ZA2cQhJR3FETNau0yL%2Bygx8D%2FZOG6GfqsxmVu%2B7LT%2F7Jro%2BPtYou7WIwiiEkuIEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71fcd05f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 jquery.min.js Show response
notes.io/theme/scripts/ 95 KB
39 KB 19ms
18ms Script
application/javascript 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/scripts/jquery.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

:path: /theme/scripts/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: notes.io
referer: https://notes.io/XxC7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/XxC7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 26 Apr 2020 11:31:24 GMT
server: cloudflare
etag: W/"5ea5710c-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkhJE%2B31YIAntsdDg5Y3wuJgGIvI%2F5AdBd1EJngozw%2BqGKQasfYobv81z5UMJN6%2FyDv%2Btqd3SKo9P008Mi2%2BoaWl%2FJMm7%2FxN%2BtvR0fjrNMdLeW2ZPhspwCWjSwWLg%2FwQ1oHt%2FmwoFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000, no-transform
cf-ray: 6711b5c71fd105f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d913d2d33b32c6160975927f9e93f810f92893e70771aefc39fbb9b3cdcf4629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48400
x-xss-protection: 0
server: cafe
etag: 844313424305932230
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Jul 2021 05:57:03 GMT

GET
H3-29 200 barsol.png
notes.io/theme/images/ 264 B
883 B 15ms
14ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barsol.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57aceb6d03b2c079e742658b4e52b8ecd9ba903302c4c43a661b071941b01c4c

Request headers

:path: /theme/images/barsol.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 264
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQFOv39rpSxBek0DZbJcEohUmzx6QivL9PJXUjE7CSvq9kkfD%2F0tg2Z7pP0vWbHBKj9D%2F3v3JClHzAoFIYZfSHZABXQ4BdvDV6q85TEpQ0BYopLmlSgfjbPwrwcbZzMMjz09XMwyAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71fd505f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 barback.png
notes.io/theme/images/ 133 B
758 B 15ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barback.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe

Request headers

:path: /theme/images/barback.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 133
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBbZdFbLzHe5USHt2MvOjHOPdhlLQk2JYEykwhaTWO1TTmQsafIFovFyev6GM4bCeMTVIsDWJlshvX%2Fhn0xKb3X6Ul8pBU%2B%2FXpQE1%2FOQltmBWLyW%2FJebg%2FqYQWzOy%2F676szyBHcbRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71fd705f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 share.png
notes.io/theme/images/ 4 KB
5 KB 13ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/share.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3147c480445ad3bf877b6e076da47127603baee9a754095cc854f1a281ca6b2e

Request headers

:path: /theme/images/share.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2563966
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4346
last-modified: Fri, 21 Feb 2020 23:15:56 GMT
server: cloudflare
etag: "5e5064ac-10fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dEM9mDsWxI0oOyLmL9mewAwSkogf4LtqMpGOjepLEPhCKvxyCZ%2Ff8EAjvZQl%2Bo3KL37C%2FhXjJTG2FjYNdR%2F1MTwXGR0rY0lVtDb5fUddFPtjVI0GcG%2Fn%2BeNyeysdCn%2BQ8ZW%2Btfwqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71fda05f5-FRA
expires: Sun, 19 Jun 2022 13:44:17 GMT

GET
H3-29 200 comingsoon.png
notes.io/theme/images/ 9 KB
9 KB 20ms
18ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/comingsoon.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90953c3a08c054df1002a0fca03d4492ea719aac257f000706550a0a2011b7e

Request headers

:path: /theme/images/comingsoon.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8972
last-modified: Fri, 21 Feb 2020 23:15:55 GMT
server: cloudflare
etag: "5e5064ab-230c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22sx94W8L8MFHIpS1NMYYDxJrR3gsbU8M13rj5cwgSySFsiMs3DdONrSrDE%2FCzLnDTYJ9%2B9WsTVSjzIfqC0ZwftEYpqy%2BQK1%2F2af%2BIHgkr1LvsLZm12pWJxGoE8ha6h7xTdu5CL4Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71fe905f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 account.png
notes.io/theme/images/ 4 KB
5 KB 17ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/account.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a895770cc52fa3e5f4a67694a21f9c6eb0809e4b95b769d0d8237c0f424c42f

Request headers

:path: /theme/images/account.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4421
last-modified: Fri, 21 Feb 2020 23:15:56 GMT
server: cloudflare
etag: "5e5064ac-1145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KjdeD%2F7DOogT%2FxeRSyAfmTQ0nboHOZRLaiOphgt2Q3QUMFsQlBTREjd9Q9MEX2QXL%2BHu3lv3BZQTxyJpVcfPfTMDsiX5L5awX%2Bt%2Bvh5NJuw89N4vtAFynC7VjJMfMPcD%2BYtXIMLjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71fec05f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 myNotes.png
notes.io/theme/images/ 5 KB
5 KB 16ms
14ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/myNotes.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789882a15d9931a084d417b8ee65bfc323cd64013ef79a781aaea66ec07dee2f

Request headers

:path: /theme/images/myNotes.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5012
last-modified: Fri, 21 Feb 2020 23:15:56 GMT
server: cloudflare
etag: "5e5064ac-1394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyPGxkxnYdqtSUIMqu7uk54wih2gO0WC4smFD3CkFvTsHBmx2xbMf6b%2BNjtjiZ3aVOEj6sPkM6qb1XVgZoJYOjtP7IJ26I8hYEiHHzZfwA5Ox7OcBWUmzSww4q7z1k1aKM1cWW%2FgTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71fee05f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 barsag.png
notes.io/theme/images/ 281 B
899 B 18ms
16ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barsag.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e

Request headers

:path: /theme/images/barsag.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 281
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGlMwnqKFJyfKuIMRaYCw%2BW%2B0GOjRl7IC58v9rWQDVZZ9xeAiNo0TiJX3v0UpCBNixYfnoUDUNP%2BXB8IXK2XEFWEruL8YPuZ2BAHi5IT0bmcbHVLAHlkcLpSANtf9j9dHyJ6yZ5cvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71ff005f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 notespageback.png
notes.io/theme/images/ 94 B
714 B 19ms
17ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespageback.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3

Request headers

:path: /theme/images/notespageback.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 94
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7sq0flEaK0R2RB%2F5aeXNGmRYeR2NjtYTgJTu7ieUvfRKxlQhXr5VSrN%2BMmGdDaM1ILlJY8fc7%2FiSOXsfPYx1rIDA%2FhY40GuB4%2BwhjecGable3Zx%2Boa4sNRq62vURqWlRtUSuOBujA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71ff205f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 notesline.png
notes.io/theme/images/ 157 B
772 B 17ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notesline.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242ed9a2483dd9ea5f4173423d8a721d1951f2e69d88d53bb6f6da4c3b003468

Request headers

:path: /theme/images/notesline.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 157
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXcEgtM4WcesyTQPAGT2vxG5Qa1XhOnDhaaeL3bDIPU4KpxxxUqPZ%2BVoTGOOVAdpsnLseGmZpJe5aZueBad1g0nQVheCRWGoDQgcFg1lkWR2LEqWIY7GFtYDKCTiDVWDbZdfpEZxrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71ff305f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 notespagebottom1.png
notes.io/theme/images/ 371 B
991 B 16ms
14ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom1.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df720775feafe2fbda5ed706fa3a22baaadb1f49a20089426426ee159dfda16e

Request headers

:path: /theme/images/notespagebottom1.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 371
last-modified: Fri, 21 Feb 2020 23:28:50 GMT
server: cloudflare
etag: "5e5067b2-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqEnlGCdQZN4Vg28idykl6gCYCq%2BdMQ%2FclewLhPmlqvv75lecu%2BYlWVaxyu37J2Dc6zyjVwEE13N2CXQvEDpE5pK2LaCjWkb0a0I6iyYJr8uPjw%2BEUblWRZuMhQGbNRDcrZwjKz7lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71ff505f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 notespagebottom2.png
notes.io/theme/images/ 91 B
705 B 19ms
18ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom2.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01

Request headers

:path: /theme/images/notespagebottom2.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 91
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssl6TMqOL6iaUjSl%2F7TePq4mMXmxI%2FFZX2r0rysRIkMnbO582RnBpjqwzY96xGkR1hUk1ESi6Scuqw%2F07LSCstTcb48fetQsY02y2srP3VioPsJ5Zd6IbopFXtAhotgNbgTzBMOdpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71ff705f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 notespagebottom3.png
notes.io/theme/images/ 304 B
928 B 16ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom3.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75913336756871c8e107493ce476f32784b526d5431dca6cddd8a9c4eb383006

Request headers

:path: /theme/images/notespagebottom3.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 304
last-modified: Fri, 21 Feb 2020 23:28:50 GMT
server: cloudflare
etag: "5e5067b2-130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoDV7ml11FpZ%2FjT0Jkw7lhfZX%2Fa4R6GDQ%2FnUW6JrY%2BkUlvDOkZEach2%2FZaYPPQvNYzjEJtZysW9t95tDAZbLevJ9kSGCietKLV9HybMW7QaCTIAaFyY4VP6ONWVH6eO66C%2FFOdPVIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c71ff905f5-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ 244 KB
90 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4070502493653474&plah=notes.io&amaexp=1&bust=exp%3D31061746

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Jul 2021 05:57:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame 90C1 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:29:55 GMT
expires: Mon, 02 Aug 2021 03:29:55 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 8828
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 31ms
4ms Script
text/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: notes.io
URL: https://notes.io/XxC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4509
date: Mon, 19 Jul 2021 04:41:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 19 Jul 2021 06:41:54 GMT

GET
H3-29 200 1.png
notes.io/theme/images/messagebox/ 210 B
833 B 14ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/1.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5eb697ffa5c4ba8a2c5badd8ab713a612934c1e0e54f57e082b3ba736a83f51

Request headers

:path: /theme/images/messagebox/1.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 210
last-modified: Fri, 21 Feb 2020 23:15:11 GMT
server: cloudflare
etag: "5e50647f-d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jy%2B0IBllkLAlLNCHein01tFnIFe%2BHyRbMLhzjF%2Bwq8ixCzNv3hZaN5xLJ5xZwQrVc5rBlW5%2BNwjlxqA2nkuYZe5qDiE7yXrVrM9HsvvVW0wmgZo7ArwHHIYrfrGYDA5I%2Fyt%2BxXyYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d97d05f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 2.png
notes.io/theme/images/messagebox/ 84 B
696 B 15ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/2.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf

Request headers

:path: /theme/images/messagebox/2.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHIpJdWFSLQIuZd9cNc1NGIve4ATW6hFUpQcYrqTgRBkJ3Q2wAKuuSO3ggmH78a0q5Qf2N6bZJn09IGgFzrFwORbLO0naMa34GhvbprqGNZqBd4KP37tJ6y69TyjptwwRnsSz2R48A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d97e05f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 closeBTN.png
notes.io/theme/images/messagebox/ 925 B
2 KB 12ms
12ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/closeBTN.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e69dacf2d972a15757ffbc6d4079e8a0279bdc7b688e48ff1149f32bcaea0f

Request headers

:path: /theme/images/messagebox/closeBTN.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 925
last-modified: Fri, 21 Feb 2020 23:15:13 GMT
server: cloudflare
etag: "5e506481-39d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg1triKFKJvpUau43wb11%2BSzW82WPX3%2FQIE1OnhQeOe0Sku7hzErfaty48vqqvGQuRJu10mzvvJyxOOYca6Z59ie7ogCpujLm12Dcil2VrX20btFEYbifneTysM1p%2F7ZqQSN9yAVIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d97f05f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 3.png
notes.io/theme/images/messagebox/ 216 B
838 B 14ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/3.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4

Request headers

:path: /theme/images/messagebox/3.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 216
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDS%2BuZ1m0TCApzmMniJ1OVFWuWqhc8NuhZhNgJ3S8wSPLFwmhwBNgAwqpV5c8Nm2Sz%2F9cf8%2BdF0tob4KkmrZ%2BVIF3ow31%2BddbWMn3nTEL1n%2B2OXKWxS5J83PY9u%2FRcUuACGbU5zfPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d98305f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 4.png
notes.io/theme/images/messagebox/ 80 B
701 B 15ms
14ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/4.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699

Request headers

:path: /theme/images/messagebox/4.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 80
last-modified: Fri, 21 Feb 2020 23:15:11 GMT
server: cloudflare
etag: "5e50647f-50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEOW9PJR7DPNffjJOP%2ByvqGQYyqZ2WYzr94Gl9KMoYsR63j8q3tk0%2B1woGpkGSdyXblOnZvvPY0Vs6vPu3fY9T6z29mx%2FRQFgxkoIotDF4NxpX52NQigPPlq95NwpF%2Bu%2FGzX1LevQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d98505f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 5.png
notes.io/theme/images/messagebox/ 81 B
694 B 13ms
12ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/5.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e

Request headers

:path: /theme/images/messagebox/5.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 81
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnWgrSot8d8JpWI0jbmNrytyp1Dy%2FOL6fEEr8qEWwRvy7Ke6XKC8pHXeeKWrn1UMXe1g118nHsUpl5qQomSr3BSC2frLyzosk1o3cKSY1SnYXaFb%2FA1xBprmm9O8SD6l7psTpcpDvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d98605f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 6.png
notes.io/theme/images/messagebox/ 190 B
810 B 18ms
17ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/6.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc

Request headers

:path: /theme/images/messagebox/6.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 190
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeDj8FKm%2BQHqw%2Frg4FGiSz0w9mn8eoI1Fx%2BTXkSbaF0jg3J6IO5EAztUBIJT%2F4vRgM0sYJt4%2FSPx3iEa1ENoBBKVrxnaQJFkvCpx1C1bj30Y1h4yaTNUZJn8GmcU3UieIffy%2FC6qqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d98905f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 7.png
notes.io/theme/images/messagebox/ 84 B
701 B 13ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/7.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee

Request headers

:path: /theme/images/messagebox/7.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzo0laye%2FUSGRi7awHrCZ6cqTAeSObNJzFrZHJSqzs6KUQv0fjwlmMHj3zEnXB8k%2BXj6Hx4ftei3aJ0SIVNOGKZRaFQoaTVOEStYtjzORuN%2FHUOm0WsYpxYE6CbmCIIStAane3OuzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d98a05f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 8.png
notes.io/theme/images/messagebox/ 195 B
813 B 14ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/8.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003

Request headers

:path: /theme/images/messagebox/8.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 195
last-modified: Fri, 21 Feb 2020 23:15:13 GMT
server: cloudflare
etag: "5e506481-c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eamuud%2B50iyj%2FqTp3K17s4q94IO0nNtdKyHp%2Brsl3LSm9esX1SATT1P3k3sWU%2F6B13SsyWXbdJZ4q8Kx2c1uugXpF1pZjR1J5vpk3SBBPkQ6dQ2ZVfSMn4k8uKG4qDqUvtz4yAbUaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7d98b05f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H3-29 200 closeBtn.png
notes.io/theme/images/ 884 B
1 KB 23ms
20ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/closeBtn.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=426400214
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cacfa400f8759f593f2f89f7984d412c8a2b68c4066108dd0b9e35ec9d22782

Request headers

:path: /theme/images/closeBtn.png
pragma: no-cache
cookie: PHPSESSID=j0amsdb3ae8k3k01npfvfo830f
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=426400214
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://notes.io/theme/styles/notes.min.css?id=426400214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2564355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 884
last-modified: Fri, 21 Feb 2020 23:28:50 GMT
server: cloudflare
etag: "5e5067b2-374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YR7zC20%2FuwagZgLFgAyLtNjLydkuCJPlwhRPL3sKu%2FrmUrSIJyQ2HEBlYBYPQkwbl6GmbG7YDfsKuxlnbNjycWwQM21y4j%2BlrUjzCWLpTAh64GIQoDfK87KLou2nEi6i4SrSD3GjwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6711b5c7f9b605f5-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1561580327&utmhn=notes.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Set%20Kem%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327&slf_rd=1&random=3829134629

42 B
107 B

19ms
18ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327&slf_rd=1&random=3829134629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 05:57:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 05:57:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=161772118.1626674223&jid=1911739031&_v=5.7.2&z=1561580327&slf_rd=1&random=3829134629
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
655 B 38ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=notes.io&callback=_gfp_s_&client=ca-pub-4070502493653474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4070502493653474&plah=notes.io&amaexp=1&bust=exp%3D31061746

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

681cae5c55150b5d838157676ff454912fbdea5b9e8c50cc8b225e5256ba3c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=notes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=notes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA62 430 B
230 B 105ms
103ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1626674223&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223307&bpp=4&bdt=163&idt=112&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=6928118977816&frm=20&pv=2&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=194&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oYmpaGumZW&p=https%3A//notes.io&dtd=128

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d824b75df9c7f0c81b3708ef12d2792aee07f9074adb24a09de58191a3cfe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1626674223&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223307&bpp=4&bdt=163&idt=112&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=6928118977816&frm=20&pv=2&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=194&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oYmpaGumZW&p=https%3A//notes.io&dtd=128
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Jul 2021 05:57:03 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Jul-2021 06:12:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Jul 2021 05:57:03 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
33ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a2d8b60bb224bcc3223cab505b515f93ae1f369b4d7bc4f193678dda44a8aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8503
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Mon, 19 Jul 2021 05:57:03 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD9B 11 KB
5 KB 138ms
137ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1626674223&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223311&bpp=1&bdt=167&idt=130&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=1335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XrsYK90wKe&p=https%3A//notes.io&dtd=133

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a647d8c02d3b6a1fa82f0b50b631ef432082cd9ff1ab584778851ce7f5d0a26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1626674223&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223311&bpp=1&bdt=167&idt=130&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=1335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XrsYK90wKe&p=https%3A//notes.io&dtd=133
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Jul 2021 05:57:03 GMT
server: cafe
content-length: 5521
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Jul-2021 06:12:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Jul 2021 05:57:03 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fnotes.io%2FXxC7&tn=IMG&cls=bg&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 05:57:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fnotes.io%2FXxC7&tn=IMG&cls=bg&ign=false&pw=1600&ph=1200&x=0&y=69.6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 05:57:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48BC 1 KB
428 B 84ms
84ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1626674223&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnotes.io%2FXxC7&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223332&bpp=1&bdt=188&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=118

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73cd89689be960bb735058fd993ad51ae1f49b061fa000a88fe7ce3b4b671124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1626674223&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnotes.io%2FXxC7&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223332&bpp=1&bdt=188&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Jul 2021 05:57:03 GMT
server: cafe
content-length: 405
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Jul-2021 06:12:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Jul 2021 05:57:03 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 19 Jul 2021 05:57:03 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 86E9 12 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://notes.io/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 19 Jul 2021 00:20:46 GMT
expires: Tue, 19 Jul 2022 00:20:46 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6005 783 B
530 B 25ms
24ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

539c52ba73b61fcd68a4265787489c14307b853d0d1d6c38b36ce5315611b9bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cdkWrssFCLRFp7GSBJOdsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://notes.io/

Response headers

expires: Mon, 19 Jul 2021 05:57:03 GMT
date: Mon, 19 Jul 2021 05:57:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cdkWrssFCLRFp7GSBJOdsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 86E9 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 15:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Jul 2022 15:04:02 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame BD9B 2 KB
2 KB 138ms
49ms Script
application/x-javascript 185.29.133.223
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURCbVptWTVNRFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NjQ5NTgxOTQxMDY2MDQwODQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNUpYSXFQZUZEV0JTcEFsZmhiVFNpMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTY0OTU4MTk0MTA2NjA0MDg0L2Ftcy8wLzgwLzMzLzk5OS82Ni8yYTAxOjRmODoxMDA6Oi8wLjAwMC8xNjI2Njc0MjIzLzE2MjY2ODY4MjMvNC9wdWItNDA3MDUwMjQ5MzY1MzQ3NC8/tmGRr2wZkj3juJhJ9gtKn7bo0RU&nodeid=124&group=eu&auctionid=1564958194106604084&shardkey=1564958194106604084&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%26client%3Dca-pub-4070502493653474%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1626674223&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223311&bpp=1&bdt=167&idt=130&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=1335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XrsYK90wKe&p=https%3A//notes.io&dtd=133
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1965e80c92918a1a60f31223692c1239f514f5d1d2ee96647994a768aed9a9d7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:00 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1626674223
Last-Modified: Mon, 19 Jul 2021 05:57:03 GMT
Server: MMBD/3.202.0
x-mm-latency: 23 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x71, cdg-bidder-x15
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 19 Jul 2021 05:56:59 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame BD9B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1626674223&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223311&bpp=1&bdt=167&idt=130&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=1335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XrsYK90wKe&p=https%3A//notes.io&dtd=133

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 05:45:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD9B 124 KB
37 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:57:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Mon, 19 Jul 2021 05:57:03 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame BD9B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 05:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 05:43:38 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame BD9B 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUcNULxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEpQFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudROlk4JzqeUOI_FcmGMBQyLkFjyABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi00MDcwNTAyNDkzNjUzNDc0&sigh=j7AFdko6rw8&tpd=AGWhJmvn-xruJiuF53Mhz2cAhXTNdGCVjUi9RnR-vcc2scmB4licbFUJFzT2VsBuJeD1_KKTy3yfjzBGodD8F4qMUFpk__J410bO96RSnCTpenFbKE1ocj6VVRp3EW3qIsQJUwdpeXyRVyzG-EBsIT_DngIVAt-_ykX5inPC4dLN1kBJOOM2mwA9fw8BjQtTQqKjZz7WOt4hPqgYHRfS73IxeWPB_TKXb-WfHn4sFgUKJwTG7kGYIhGiXp1bEO871Y2rvaMZ3UtvJbJXmyD4fW13dve2j8WjhCreoTFAWoNTbcFPbmgvWvdsVmSZY08BQp0D0wpWCa6m8b5wE25JafwZ09MbqmeAmLjs-WQsWZ0sf5XJRy9hX2EVpmMpkHZ0bsPMVobpf361yOK5ahNCpsx50mfNYcPatH2G-k7GiOGquyY8IaslR8StI5bMUh_7bNJbNFAyZ-OUns4mqvu5hS38H1aJBKOgcK_Z_NshKhFkwr9j39NKtwQ7w54-cKwdZadFRSbB_Il5dTb4yv8XO0JFxlitPnsQJe97o7cBIozd-Q0tfcTEMs8wBTgwpqi1Cx1hljuU1nKfqK_trH2pBr90LfakdHuRAEKH2UbEIUYKG2WUjKtAPwEntxsv0mfaGhPROEUiOnyDgTFE65tJ2MSBR3jC4UiMQQa2tO_EUxoqJ0mRmaQcXb8eDqusslo0l-1ytKtbkWXmj5d0lP1YVoz4ffekJF32SO9Lot5hMghYzo9Mc_752NAFJAcw_VDNGA97sEpDskfS5oK01cXrp9h3MDnUZbDNglzsy54p-EV9AUVT9r0OJJmlLtMUVXOXajjHYWLfjj2mxJDAQm9eZpOx3YypzUIA5WWWCSWtt1WHYVCbGR7EAi14_IlGtXcRH-B0hEsqoKW_5195KS6gfTYB2Y8SergPh9T9XQtYcXexD_joLWctV16Vil9mIbej2aP0aCpJwuXbgkusnrtj33gQJzp9HB_g4QUebhCbFR2WphaBZfUHDNQpJvB0LDt2hI6SbgyatDYObnPenVd33S5d8I8Cbvn5S0psOu8xIOQV6bhQYCEWySwCYObvwnua8VT0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1626674223&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223311&bpp=1&bdt=167&idt=130&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=1335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XrsYK90wKe&p=https%3A//notes.io&dtd=133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Jul 2021 05:57:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Jul 2021 05:57:03 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=2986519487515151&bg=!wMOlw4fNAAZjFomlYxY7ACkAdvg8WpILWTUaQQJC0_qNWnhIxY1YQLL3_4Lxz8X6g3MmttEymVodFwIAAABVUgAAAApoAQcKAQdS-6ibvw7cnJvucC8b7qULTh8ar1IzdNyfXp5-ZtoutTppVWbvcgqDCsYfodhHyIxp-vg51NfMsbPSwNhL2FVDKZPgdg_2JrDALwJJoKaatJl8_EYwXtdE2oSMhZzeiSGX97H4l6f4G9wxyel5lPN2aZcVKBsf78AFX77EVFFDrkbjLozjo7pPz1mM_nY7cCtRMHNBJHTsDCvtTDv1RrgrizVZvqrUoTQ2y7XC0cWm2DXpMTZdGS9HQM8oID7tqNtzo9s6WpFKzWDzf04f3pQgeci0Inn1XImckXeRgyGJsX-QnWRB4TcR4C1RvCxOA_FFZ_nhGBV-xgCmflQU4lakFQPuNX8ea5kCe5-09wd_YA6Hl9Mbb7FWAC_CDZ3khVruyS2NLiZF-BzPZRI7tG4WQ4myf0cbRrIB6LZHiHU_t53HuYVSTGHj83ToJQDn9MLjLcYbNUACRpfBaBzbkVXekKI8MQRqfSfp5CyCCLSKRIzpBdZLSaMtQ40CSrzBPwe1IKIHCh94_UTFboxtjiCkhzPmo66Dllk0k8yJUGs2imGKQDzJaLZGnBu5S3H-maRypQLEIVjyp9eu_f-gafnWNSMQ2gczQ9_cnoVc9iOF-kBPjW6NgeO1W3_YWtPFbfzhNsSD2G9JpZYfDAcvE5buvjiemB3MXbVmA2KHssCEyalc5IzDu_vyrvt7Y3qEohsbh8HTzSfWwJYS-Xcqt9yJkaBc7Z0hL_IvkzOIbc8m5XrK8jVerKyM4wT2UFJlDRyCrvLqa0uHsyxacN_XsYlN17odGBrCJXLRSNvbH2QG98-lQJoYMjIqGyA3w67PrmNBAl0Y-shZjkhBlnAxDqT7cAPEyXNFriVrS1nedK2mJaeAsfNmt6ZkfwLXZF4hG2eLHe6u3yvl76UpsUiLzWoiYJRitpGBi0bY_Bvo-_DeGeWlW05FsukkcHJA2LZpHEMSMsqfXCLckmUer56enjj96OCcsqHa4SoEe8TP7p9nj_vPKM_5wylNjXfB0PNaZBudgMIEShvcy1DByqMp4tLXA19tnfR24-FC-RNOzgjDGRZuN7ASJR7MbQ4fJvjamBC6ONNq7BJVxapp8xDaSaoHF03Bn0guBBanjKXQgaf27NOQDl7TY6P-YbyrEXwveEf55M_nT_7jz7m2DQ3R7Gw8HOk00gDuRbJoqTfWmrsBNJn_Z_Ka

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 05:57:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame BD9B 11 KB
3 KB 44ms
14ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=1564958194106604084&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1564958194106604084%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_cid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D
Requested by: Host: notes.io
URL: https://notes.io/XxC7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 6ff089bcfcb26707452665559b17eb926a412d9dd3f2f810616c55a07b51cdc6

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3381
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame BD9B 49 B
329 B 98ms
42ms Image
image/gif 185.29.133.223
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=1564958194106604084&node_id=124&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURCbVptWTVNRFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NjQ5NTgxOTQxMDY2MDQwODQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNUpYSXFQZUZEV0JTcEFsZmhiVFNpMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTY0OTU4MTk0MTA2NjA0MDg0L2Ftcy8wLzgwLzMzLzk5OS82Ni8yYTAxOjRmODoxMDA6Oi8wLjAwMC8xNjI2Njc0MjIzLzE2MjY2ODY4MjMvNC9wdWItNDA3MDUwMjQ5MzY1MzQ3NC8/tmGRr2wZkj3juJhJ9gtKn7bo0RU&nodeid=124&group=eu&auctionid=1564958194106604084&shardkey=1564958194106604084&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:00 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x73, cdg-bidder-x15
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 19 Jul 2021 05:56:59 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame BD9B 43 B
360 B 73ms
35ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1564958194106604084&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURCbVptWTVNRFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NjQ5NTgxOTQxMDY2MDQwODQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNUpYSXFQZUZEV0JTcEFsZmhiVFNpMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTY0OTU4MTk0MTA2NjA0MDg0L2Ftcy8wLzgwLzMzLzk5OS82Ni8yYTAxOjRmODoxMDA6Oi8wLjAwMC8xNjI2Njc0MjIzLzE2MjY2ODY4MjMvNC9wdWItNDA3MDUwMjQ5MzY1MzQ3NC8/tmGRr2wZkj3juJhJ9gtKn7bo0RU&nodeid=124&group=eu&auctionid=1564958194106604084&shardkey=1564958194106604084&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3810 5cb7d7e master cdg-pixel-x28 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:03 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 19 Jul 2021 05:56:24 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame BD9B 49 B
329 B 94ms
39ms Image
image/gif 185.29.133.223
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1564958194106604084&st=4562306&time=1626674223&nodeid=124
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTURCbVptWTVNRFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzE1NjQ5NTgxOTQxMDY2MDQwODQvNjYyMjMzMi80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGNUpYSXFQZUZEV0JTcEFsZmhiVFNpMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNTY0OTU4MTk0MTA2NjA0MDg0L2Ftcy8wLzgwLzMzLzk5OS82Ni8yYTAxOjRmODoxMDA6Oi8wLjAwMC8xNjI2Njc0MjIzLzE2MjY2ODY4MjMvNC9wdWItNDA3MDUwMjQ5MzY1MzQ3NC8/tmGRr2wZkj3juJhJ9gtKn7bo0RU&nodeid=124&group=eu&auctionid=1564958194106604084&shardkey=1564958194106604084&sid=4562306&cid=6622332&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.236&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.202.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:00 GMT
Server: MMBD/3.202.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x75, cdg-bidder-x15
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 19 Jul 2021 05:56:59 GMT

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame BD9B
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=24c5fc1cc0&subid=&uid=e0911de075dd4578&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=24c5fc1cc0&subid=&uid=e0911de075dd4578&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

95ms
73ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=24c5fc1cc0&subid=&uid=e0911de075dd4578&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1564958194106604084%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_cid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotes.io%2F&ancestorOrigins=https%3A%2F%2Fnotes.io&random=5127343488226&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1626674223&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FXxC7&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626674223311&bpp=1&bdt=167&idt=130&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=6928118977816&frm=20&pv=1&ga_vid=161772118.1626674223&ga_sid=1626674223&ga_hid=955784576&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=1335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974%2C31061746&oid=3&pvsid=2986519487515151&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XrsYK90wKe&p=https%3A//notes.io&dtd=133
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 38d957a0a795de46c56609bcb815c3f256ab0aca9f05d68addc63d723745a06d

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 05:57:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 37756700023257700951389011660024
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 892
Expires: Mon, 19 Jul 2021 06:57:03 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 05:57:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=24c5fc1cc0&subid=&uid=e0911de075dd4578&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1564958194106604084%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_cid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotes.io%2F&ancestorOrigins=https%3A%2F%2Fnotes.io&random=5127343488226&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 19 Jul 2021 06:57:03 +0200

GET
H3-29

200

activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837 Show response
8019191.fls.doubleclick.net/ Frame C3C5
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837?

391 B
346 B

70ms
55ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837?

Requested by

Host: notes.io
URL: https://notes.io/XxC7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

d9e92c95f688fe7310e77e5c20054a8e03a44a6307fcba8b41376cbbf00c1c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8019191.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn2H8c8RfvEwKmdaqZ8gEiBk0ShIxua2YG_QotCSo8XZfUaX4HAbSYpbYh5KMo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jul 2021 05:57:04 GMT
expires: Mon, 19 Jul 2021 05:57:04 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jul 2021 05:57:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame C764 4 KB
2 KB 34ms
12ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=37756700023257700951389011660024&a=da1e7f2d
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=24c5fc1cc0&subid=&uid=e0911de075dd4578&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1564958194106604084%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_cid%3D6b1b60f5-142f-4001-a0b0-6b58e2b9cb2b%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7NHmLxT1YKqHHMaz-gaz1JG4DM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDA3MDUwMjQ5MzY1MzQ3NMgBCagDAaoEqAFP0B-DkY7VUCMFwGWwO0CKcp5T6rAzPZ9lzP_I6foi6bKU12KQ91hvL9R3j0ezeQxec7y463tA6JN8vu7cH6W6MNbF8-1x3CetHCJTx2qXswls0c9zyVeRO9ZCjNO6z3J_bBPoUflBW1o3J6nUl6Ic3icqW1RoTXwQqXwpQOkUcMCHhyn3oB8XgfeXM_gc2ETudRPnkY_hBXWqJHz40MjZA40UCyijuY-ABsrr6dDusIOqiQGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0gLWKK3aLhLGI9h9GLHlQXSyapnA%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fnotes.io%2F&ancestorOrigins=https%3A%2F%2Fnotes.io&random=5127343488226&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 04f470114558348d6e2e8d6dd890f626c5f6c06040061d4f2173319ad9baa832

Request headers

Host: hal900024.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=9c28e9f2c6248064
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 19 Jul 2021 05:57:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 19 Jul 2021 06:57:03 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1499
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame BD9B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77b9e876a393847b38fc0945399141595eb430056ace2f224ae2c6c55cdabbc0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame C764 24 KB
24 KB 52ms
16ms Image
image/gif 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=37756700023257700951389011660024&a=da1e7f2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:04 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame C764 0
150 B 36ms
14ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=37756700023257700951389011660024&a=527065bd&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=37756700023257700951389011660024&a=da1e7f2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900024.redintelligence.net/request_content.php?s=37756700023257700951389011660024&a=da1e7f2d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C764 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame C764 851 B
1 KB 44ms
10ms Script
application/javascript 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=37756700023257700951389011660024&a=da1e7f2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 05:57:04 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3-29 200 dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837
adservice.google.com/ddm/fls/z/ Frame C3C5 42 B
63 B 30ms
16ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CO-epNq57vECFVYr4AodsBcMTQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8233090933723.837?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 05:57:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			notes.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: j0amsdb3ae8k3k01npfvfo830f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
cdn.contentspread.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900024.redintelligence.net
notes.io
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
ssl.google-analytics.com
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagservices.com
136.243.149.243
138.201.84.252
142.250.184.226
142.250.186.70
185.29.133.223
2.18.233.201
2606:4700:3030::ac43:b188
2606:4700::6810:a723
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9c
85.114.131.234
04f470114558348d6e2e8d6dd890f626c5f6c06040061d4f2173319ad9baa832
0a895770cc52fa3e5f4a67694a21f9c6eb0809e4b95b769d0d8237c0f424c42f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
158f11817e30926c37f49be07c92f1135b1c01c44da92cdf6f8255a93304b75c
1965e80c92918a1a60f31223692c1239f514f5d1d2ee96647994a768aed9a9d7
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
210ce18fc43f351e1779820524493a298b577ff52fbcf977c89e16c40c6b5174
242ed9a2483dd9ea5f4173423d8a721d1951f2e69d88d53bb6f6da4c3b003468
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10
30d824b75df9c7f0c81b3708ef12d2792aee07f9074adb24a09de58191a3cfe4
3147c480445ad3bf877b6e076da47127603baee9a754095cc854f1a281ca6b2e
38d957a0a795de46c56609bcb815c3f256ab0aca9f05d68addc63d723745a06d
3a2d8b60bb224bcc3223cab505b515f93ae1f369b4d7bc4f193678dda44a8aa6
41fb5e4b3f3c89d790b0421abe2100d6f2ca3260040541dcc965a9d376eff7fb
42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e
46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
539c52ba73b61fcd68a4265787489c14307b853d0d1d6c38b36ce5315611b9bf
53e69dacf2d972a15757ffbc6d4079e8a0279bdc7b688e48ff1149f32bcaea0f
543bc5bfa2be2fbfa562f1883e14d73235ca89bf39969296f433d9a2794d4c9a
57aceb6d03b2c079e742658b4e52b8ecd9ba903302c4c43a661b071941b01c4c
5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc
681cae5c55150b5d838157676ff454912fbdea5b9e8c50cc8b225e5256ba3c4c
6ff089bcfcb26707452665559b17eb926a412d9dd3f2f810616c55a07b51cdc6
73cd89689be960bb735058fd993ad51ae1f49b061fa000a88fe7ce3b4b671124
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
75913336756871c8e107493ce476f32784b526d5431dca6cddd8a9c4eb383006
77958bf68663ac66add06e72ec2e94521f8d709fda64ebe3b8fa60fb22e46b7f
77b9e876a393847b38fc0945399141595eb430056ace2f224ae2c6c55cdabbc0
789882a15d9931a084d417b8ee65bfc323cd64013ef79a781aaea66ec07dee2f
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
8cacfa400f8759f593f2f89f7984d412c8a2b68c4066108dd0b9e35ec9d22782
98f55ac24900e07eacb9ba779ad017a5120824c93b3b9788ae44d49b395c3542
9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf
a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a647d8c02d3b6a1fa82f0b50b631ef432082cd9ff1ab584778851ce7f5d0a26d
a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b90953c3a08c054df1002a0fca03d4492ea719aac257f000706550a0a2011b7e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe
d913d2d33b32c6160975927f9e93f810f92893e70771aefc39fbb9b3cdcf4629
d9e92c95f688fe7310e77e5c20054a8e03a44a6307fcba8b41376cbbf00c1c32
db07a0f9d2bfd471742e819ccd161fb39a71cf278bf7c8e8e28a874986cf7ed3
db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a
dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699
df720775feafe2fbda5ed706fa3a22baaadb1f49a20089426426ee159dfda16e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5eb697ffa5c4ba8a2c5badd8ab713a612934c1e0e54f57e082b3ba736a83f51
fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4

notes.io Open in urlscan Pro 2606:4700:3030::ac43:b188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

72 %IPv6

12 Domains

19 Subdomains

24 IPs

4 Countries

581 kBTransfer

1116 kBSize

1 Cookies

3 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

notes.io Open in urlscan Pro
2606:4700:3030::ac43:b188 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

72 %
IPv6

12
Domains

19
Subdomains

24
IPs

4
Countries

581 kB
Transfer

1116 kB
Size

1
Cookies

70 HTTP transactions
2 data transactions