notes.io Open in urlscan Pro
2606:4700:3030::ac43:b188 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://notes.io/JaMr
Submission: On September 23 via manual (September 23rd 2021, 9:22:12 am UTC) from US — Scanned from DE

Summary HTTP 92 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 23 domains to perform 92 HTTP transactions. The main IP is 2606:4700:3030::ac43:b188, located in United States and belongs to CLOUDFLARENET, US. The main domain is notes.io.
TLS certificate: Issued by R3 on September 3rd 2021. Valid for: 3 months.

This is the only time notes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700:303... 2606:4700:3030::ac43:b188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c01::9c	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 1	63.32.201.39 63.32.201.39	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	79.137.68.187 79.137.68.187	16276 (OVH) (OVH)
92	24

34 2606:4700:3030::ac43:b188 (United States)

ASN13335 (CLOUDFLARENET, US)

notes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.201.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.68.187 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	notes.io notes.io	266 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net 8019191.fls.doubleclick.net cm.g.doubleclick.net	25 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	187 KB
7	redintelligence.net hal9000.redintelligence.net hal900014.redintelligence.net	53 KB
6	google.com 1 redirects www.google.com adservice.google.com	3 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
3	medialead.de 3 redirects pv.medialead.de medialead.de	2 KB
3	google.de www.google.de adservice.google.de	2 KB
2	openx.net 2 redirects rtb.openx.net	762 B
2	rlcdn.com 2 redirects id.rlcdn.com	887 B
2	retailads.net 1 redirects cdn.retailads.net	5 KB
2	googletagservices.com www.googletagservices.com	67 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	338 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	googleapis.com fonts.googleapis.com	904 B
1	awin1.com www.awin1.com	704 B
1	ad-server.eu ad-server.eu	312 B
1	futalis.de futalis.de	409 B
1	media01.eu pb.media01.eu	629 B
1	googleadservices.com partner.googleadservices.com	655 B
0	quantserve.com Failed cms.quantserve.com Failed
92	23

	Domain	Requested by
34	notes.io	notes.io
10	pagead2.googlesyndication.com	notes.io pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com notes.io
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	hal9000.redintelligence.net	notes.io hal900014.redintelligence.net
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
3	hal900014.redintelligence.net	hal9000.redintelligence.net hal900014.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	adservice.google.com	pagead2.googlesyndication.com 8019191.fls.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	8019191.fls.doubleclick.net	1 redirects notes.io
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com
2	ssl.google-analytics.com	1 redirects notes.io
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	fonts.googleapis.com	hal900014.redintelligence.net
1	www.awin1.com	googleads.g.doubleclick.net
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	futalis.de	hal900014.redintelligence.net
1	pb.media01.eu	hal900014.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de
1	stats.g.doubleclick.net	1 redirects
0	cms.quantserve.com Failed	googleads.g.doubleclick.net
92	32

This site contains links to these domains. Also see Links.

Domain
directmessage.xyz
www.metromedya.com

Subject Issuer	Validity	Valid
*.notes.io R3	`2021-09-03` - `2021-12-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
futalis.de R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
ad-server.eu R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2021-07-17` - `2022-07-17`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://notes.io/JaMr
Frame ID: 6EF07C35E986563F2DF7163557329EF8
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/zrt_lookup.html
Frame ID: EB5BB76B5D67B7951C7634A63DE5D860
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1632388928&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388927996&bpp=4&bdt=186&idt=69&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&correlator=7993603270140&frm=20&pv=2&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TCPy1Std0c&p=https%3A//notes.io&dtd=80
Frame ID: 2734DC8DA3D87815BBDBFC31CD0A6BD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1632388928&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928000&bpp=1&bdt=191&idt=82&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=430&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CSYy2mqKKi&p=https%3A//notes.io&dtd=84
Frame ID: 7A00159DFF87B4D9A2D2C7CDB0F22F2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1632388928&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnotes.io%2FJaMr&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928009&bpp=1&bdt=199&idt=77&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=81
Frame ID: 6DCF166B11CA6E9D39205EA81764FE6D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 703C170F57B6AA0DF20EE21DD080A806
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77015F5406ECBF58348332E906AE4933
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3767030899&pi=t.aa~a.179182922~i.10~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&psa=1&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=2&bdt=418&idt=-M&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0&nras=2&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3vBaw2Z1FI&p=https%3A//notes.io&dtd=8
Frame ID: 4279E76934FD2E2C26202F4B87E56521
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11
Frame ID: CBAA2CF5113C28956EB2BE581A1F7058
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1ZxLQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSnAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPm18WSZZADc0wZj3ZvLgfRlRgUgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQwNzA1MDI0OTM2NTM0NzQYAA&sigh=OhvyC396S6U&tpd=AGWhJmv89cFghP04deSFyPny4HuGxABP9Xzhd-4g4SKb1zl8SqYxsYqB9wzVRHBirYTbevYPJe6ybaDFRDa1M79s1XdJTw0oeFAmBGUZ1B5ubUj6JX7cgKOQ3FIxEX_TLT7M8Z8Pya-5XAOfDzApozbqDIzSCeE0fzBoS_PElNNGt0_IeqNvtsbusHclzEIMW5jIg5NrVqVtgUzf48qulFDQZ39FNytO8hrKml7ZrK2jdUG2QxTTpHIyBoTHgCF4Aiy78TAH2tZ-a9KzdHkGyywnudR7ZNApt_ukn_hIVM0czAl4Ody8vGYdI6pI595asfFnMWc13SG0DoeodVezIQ52KEVuQBH9B_5ahS_bk57rn8cmCK9a8ah6wYg2-23IgGQPZwFVhhljKvEqMP4JxsEmYr_GRVE7COC7quqMZInRXJpwVKwjKikIAZWQ_cSPyZ6R1mbClSEamxiAEs7mmkOnc3jfMjoELSAThY_PDMCnK8oZCzj2EUErlJ3lf6JV6QXrNA2AlP7Z14f0UxlisjWUIzCelmgRXPI3ONHWVOUd3aBRfbXcpE8uJi_oqg3nE5bMH8Cf6t4LplgXlttcYkFr_5haAgyRhJYhd8F-ux9SIYgE9MestE9aBzrDaJmR4FYPj_XCveGUb31A2b38Vr0zXkFllEMjx358BLOEWQauYu9ef8ChOsnjxmAFiritoMVPADzFlGDDeKuyGaQkXAcNwXrCuuR0PrM1s1axg8SlPqkx8JKNEmkZqr7L2UU6zq-K3ldDZoqvejc_QhDq0kcFKIM9Jerrx3MDcihLGA6Q30gO1Ydf829xtjR549jG1AVT2_eBauGkYdxQNNYsx6rx6NV-A8a7iNozRltiiP1TpW1cIGy-6Gtec9101wSeYk9AFhI4xQqDzqZRZlPYe9vx4nNOalLczjDFIoF7Pcz6kG4FmNmKo2RrBpmaswU2QyDOpdYeOCA83nChEQtgWVo8y6M2wccDebfXpzgvpkaHV_MVxvSuzcoybuph8BHxAXtGDKfumEXckqXYZKlwoqzdGDdkzsjjy84vjaPh0iJbVccyPXVJI3D-c7_r-A
Frame ID: 1CB24D3380AE1036A8FFD2D5367CEC1C
Requests: 14 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23567200065022400951389011726014&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 57B0AE1BD18FF00A451B66E2CABB67C1
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=887443219
Frame ID: 9C600215662C189C5DDB0ACF99F2C956
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728
Frame ID: 3479CADE494EC5EAEB925BAEEC73DB2A
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7
Frame ID: EBAA54512AD8F2E79AD59AF2778C7665
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B4CD2501532E8077A1A0E40CD23B236
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wenn Sie für ein

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

99 %
HTTPS

42 %
IPv6

23
Domains

32
Subdomains

24
IPs

6
Countries

629 kB
Transfer

1195 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://directmessage.xyz/

Search URL Search Domain Scan URL

URL: http://www.metromedya.com/en
Title: Metromedya

Search URL Search Domain Scan URL

URL: http://www.metromedya.com/tr/hizmetlerimiz/ios-uygulama-gelistirme.html
Title: ios uygulama geliştirme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1636827750&utmhn=notes.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Wenn%20Sie%20f%C3%BCr%20ein&utmhid=924834711&utmr=-&utmp=%2FJaMr&utmht=1632388928024&utmac=UA-18039671-1&utmcc=__utma%3D225778053.678837858.1632388928.1632388928.1632388928.1%3B%2B__utmz%3D225778053.1632388928.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1710308589&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750&slf_rd=1&random=1939909742

Request Chain 69

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23567200065022400951389011726014&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23567200065022400951389011726014&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 70

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=23567200065022400951389011726014 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=887443219

Request Chain 71

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728

Request Chain 73

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23567200065022400951389011726014 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23567200065022400951389011726014 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 82

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLJ92MW74MCbjE2XLvS5zLL-aXunz-CR03njsjAKNyc80_VabP9tR7kJIGMixrGn69IuV1kwii8LTJu1OmvW27EWBeEJduV&google_gid=CAESENGJwQLsq3l3e6m9GS0NU2k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVV4SFFBQUFBRjNER0hSTQ&google_push=AYg5qPLJ92MW74MCbjE2XLvS5zLL-aXunz-CR03njsjAKNyc80_VabP9tR7kJIGMixrGn69IuV1kwii8LTJu1OmvW27EWBeEJduV

Request Chain 83

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL2QyHBPTJYa-qQeA7Vr-MTvfJR5AEyNK91xre82mFmjjD3PegSvK6SWp6YgZP4mY8ASyRwoNvimFXOgHQhgZI4kJ9u0G9w&google_gid=CAESEGbhgiBhIUH2ZJNeZXxAO7E&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMCOsYoGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMMlF5SEJQVEpZYS1xUWVBN1ZyLU1UdmZKUjVBRXlOSzkxeHJlODJtRm1qakQzUGVnU3ZLNlNXcDZZZ1pQNG1ZOEFTeVJ3b052aW1GWE9nSFFoZ1pJNGtKOXUwRzl3 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM3JsWEJWRGZ6djBaelRYV1Y2NVhSdm5oOTktWGo0ZGRlbzh1RmMzd29TQQ==&google_push

Request Chain 84

https://rtb.openx.net/sync/dds?google_gid=CAESEP8aGHubdnj4MO0hCf9p_ys&google_cver=1&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEP8aGHubdnj4MO0hCf9p_ys&google_cver=1&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx&google_hm=kJxZhJ2gxRYbvXMi9XtQdg==

Request Chain 85

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ3EtmP6HaaKHdkRBPUKiTQ&google_cver=1&google_push=AYg5qPJl2WWptNifIkM-S-OzOJTNWqrK2SWKnGvi-xJk4GlsO1EyNv4mz0FIfrDbdGL69AOy-bLBXgpfeDRYghtJjhCugsQ2tjqU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RXUTdZTzgtWC1JNElZ&google_push=AYg5qPJl2WWptNifIkM-S-OzOJTNWqrK2SWKnGvi-xJk4GlsO1EyNv4mz0FIfrDbdGL69AOy-bLBXgpfeDRYghtJjhCugsQ2tjqU

Request Chain 86

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL9StjR8hHi9I3UdcParRqY&google_cver=1&google_push=AYg5qPKGL4ja7Frw6cx0eVhAWRDjJylcDY7qmgW9achWvz4wNbJoJo4KyeRiLqtXbEUwj3_CIDMOi6XyoDYoJNeq22XCLEA8XaazYA HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKGL4ja7Frw6cx0eVhAWRDjJylcDY7qmgW9achWvz4wNbJoJo4KyeRiLqtXbEUwj3_CIDMOi6XyoDYoJNeq22XCLEA8XaazYA&google_hm=

92 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request JaMr Show response
notes.io/ 14 KB
6 KB 229ms
208ms Document
text/html 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://notes.io/JaMr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.20

Resource Hash

e7f724efe4d77a4100d8833d4d404c3070f6c1e65816901518c56673198eeae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: notes.io
:scheme: https
:path: /JaMr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.20
set-cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wccct6Sy1rC9H5ff7vQ%2BWGfNy5fgxW0zAxeNcSyHwekuuX8i247PcDET857oHyAvSglPG3bX4nQVJVxHJIHN6XQ92ZyYz7ylTemy8J15%2BJaIEe2BL1NhXtVlntS0Unqz99bD7KwnJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6932b4ed8bc34eaf-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 notes.min.css
notes.io/theme/styles/ 12 KB
4 KB 39ms
37ms Stylesheet
text/css 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fb5e4b3f3c89d790b0421abe2100d6f2ca3260040541dcc965a9d376eff7fb

Request headers

:path: /theme/styles/notes.min.css?id=483170977
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 10 May 2021 22:52:36 GMT
server: cloudflare
etag: W/"6099b934-2e85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJXpDTYY9vRA5DwcpW1KTeQM4tgq1g97sPK82T8zYNKAJBfcq1oiLYYWf57wsjad%2FYLMCjmIYuS7XhKRkcm%2FX2sXWty%2BO5ll34rYLaEJSCAG4AFGQfS5GX%2B29cqJEB4qbJns42Fm3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6932b4eefe674eaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 23 Sep 2022 09:22:07 GMT

GET
H2 200 whatisnotesio.png
notes.io/theme/images/ 2 KB
2 KB 29ms
27ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/whatisnotesio.png
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 158f11817e30926c37f49be07c92f1135b1c01c44da92cdf6f8255a93304b75c

Request headers

:path: /theme/images/whatisnotesio.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2110
last-modified: Fri, 21 Feb 2020 23:16:01 GMT
server: cloudflare
etag: "5e5064b1-83e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suJR0pwAGbRqnJ%2FCimdcX63%2B5t9erraPSLRZPlVJ77F%2FGiU1QD0tPIs7qyjbkOxd2pKL8BbPRUrKorwOdNIpyxIOFB8o1MImdRlpdm5TgiEeiif286SNfALezdhK3rwjesuD2kypdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4eefe6a4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H2 200 logo.png
notes.io/theme/images/ 7 KB
8 KB 30ms
28ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/logo.png
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77958bf68663ac66add06e72ec2e94521f8d709fda64ebe3b8fa60fb22e46b7f

Request headers

:path: /theme/images/logo.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5366562
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7639
last-modified: Fri, 21 Feb 2020 23:11:38 GMT
server: cloudflare
etag: "5e5063aa-1dd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFaJi7f4dKBoislYPIagqSZIMiKp%2FYkIc1dEwWFLsJtvtAbRVaxvTF0MkWZfxSCUsOrVpwb78vVPIExrnbUhUVvTWp2j%2B0lyeJLYkcKm%2BDchGxWaxmW2dEWXBkGEVDQ8QrfLfx5UmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4eefe6e4eaf-FRA
expires: Sat, 23 Jul 2022 06:39:25 GMT

GET
H2 200 fastEasyShort.png
notes.io/theme/images/ 1 KB
2 KB 29ms
27ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/fastEasyShort.png
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db07a0f9d2bfd471742e819ccd161fb39a71cf278bf7c8e8e28a874986cf7ed3

Request headers

:path: /theme/images/fastEasyShort.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1353
last-modified: Mon, 24 Feb 2020 22:01:03 GMT
server: cloudflare
etag: "5e54479f-549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EreU3wYWO8wcP7p2lOQVJrSaxVcA2i8GJqi%2F4odytU56NWb0%2F9nX1meEpQ%2B%2BtmjGkN0uemJzIFROzPOs8X%2FEQe2YWrXXv1oUx4O3rDD4dtZ3kIfCD%2B3WPpi3RFN4hgrvuiVq91e2jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4eefe6f4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H2 200 background.jpg
notes.io/theme/images/ 96 KB
96 KB 21ms
19ms Image
image/jpeg 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/background.jpg
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10

Request headers

:path: /theme/images/background.jpg
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 98299
last-modified: Fri, 21 Feb 2020 23:11:10 GMT
server: cloudflare
etag: "5e50638e-17ffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FxaaMwYobEM9zwjunRQPm9xFMYik1mVGWsKPoq%2FovvV0ddnF1B1n3lmprme%2B75s9iFlZtItuzEKCeglGDYbtmYqdRtPK5lkr5%2BnZWNe2HJ05lbA5tJfDXHzYQJSBtdGTtgxifmNrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4eefe704eaf-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H2 200 ajax-loader.gif
notes.io/theme/images/ 2 KB
2 KB 28ms
27ms Image
image/gif 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/ajax-loader.gif
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a

Request headers

:path: /theme/images/ajax-loader.gif
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1785
last-modified: Fri, 21 Feb 2020 23:16:02 GMT
server: cloudflare
etag: "5e5064b2-6f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fU%2ByZZMPwApOgV1mIw1qNzoQH2ZuiF%2BygjSUcvTMPVP9Z3sS6b%2FVyjMioTDqmogXTDVxbOfH%2BoRHMenQx6ZZeDdFry%2FVC3TJhDclTxnmqeujOZRBD31A7Bk0U5XH7om%2FApW0QPUfCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4eefe714eaf-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H2 200 directMessageBanner.jpg
notes.io/theme/banners/ 61 KB
61 KB 29ms
28ms Image
image/jpeg 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/banners/directMessageBanner.jpg
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f55ac24900e07eacb9ba779ad017a5120824c93b3b9788ae44d49b395c3542

Request headers

:path: /theme/banners/directMessageBanner.jpg
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279061
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 62530
last-modified: Thu, 06 May 2021 21:23:20 GMT
server: cloudflare
etag: "60945e48-f442"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoRlj%2FXB8PG0S%2FHSdemZBXz2oM1WmwcGINYzIApEF5xhWFYsBcDQ5MYBfEL2BWctP5kPf8r0W5gwHHcX1W5MiUMjlSOOMUgIuZ9EBhfc8bMlkjM3jVCzrvlKDl3kPj1hSZTk7nZizg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4eefe724eaf-FRA
expires: Sun, 19 Jun 2022 13:37:46 GMT

GET
H2 200 email-decode.min.js Show response
notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 13ms
11ms Script
application/javascript 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: notes.io
URL: https://notes.io/JaMr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Sep 2021 09:29:40 GMT
server: cloudflare
etag: W/"61446004-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y6Se1OAVLKrlnF4FkFltGOoHWhTGjysDgv4dT3FHrfSNYM693bVjumBNYoMG5iDo26U9fgpY0hTX5K93fN%2BmbHjUNDp4w6jp28%2FGAfowfAPlmrdowSqNOxNtGqE7iS2Ib9ECiuRTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6932b4eefe6c4eaf-FRA
vary: Accept-Encoding
expires: Sat, 25 Sep 2021 09:22:07 GMT

GET
H2 200 rocket-loader.min.js Show response
notes.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 13ms
12ms Script
application/javascript 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://notes.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: notes.io
URL: https://notes.io/JaMr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Sep 2021 09:29:40 GMT
server: cloudflare
etag: W/"61446004-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDRKuLUselrpuh4I%2B4B5XpRBaVv5oeLKL2PhUYYV086ntQV0MySHpbhMAXcA3GzWOqR47kiRYB5C53o3tO6J%2Bs%2BVnFT2%2By6D032gNGalQ%2F04z6Df%2BXlC1ZyGATf0Aw40M5laPdWHkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6932b4eefe734eaf-FRA
vary: Accept-Encoding
expires: Sat, 25 Sep 2021 09:22:07 GMT

GET
H2 200 barsol.png
notes.io/theme/images/ 264 B
594 B 14ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barsol.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57aceb6d03b2c079e742658b4e52b8ecd9ba903302c4c43a661b071941b01c4c

Request headers

:path: /theme/images/barsol.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 264
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeX750mxpxEToEUOel76uCZOQFgWTX5GVOF1QoiRpWmUncS%2FtpEeQbgL7bEh8vWjAE5AtTpR5DznwgKqdaG5%2FX7Qckb3aBvBqeDt7egHEvKToUHAISHlEpzORtwHNbziOuoRwvgE5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ecf4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 barback.png
notes.io/theme/images/ 133 B
503 B 13ms
12ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barback.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe

Request headers

:path: /theme/images/barback.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 133
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6MboRuUw%2Frld0CJ5PZVCVD4T8Ny9MPizi1biJGcg9PxeztQ88cLpDf3CpzbjfiZj13nw%2FJsxZdCxOzYiD2PJQF9%2B7dUOiFHmSC8xTDUS%2FrlPZHYjo1nZ5F1pY405%2FxsLVaQEemiGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ed24eaf-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 share.png
notes.io/theme/images/ 4 KB
5 KB 17ms
16ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/share.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3147c480445ad3bf877b6e076da47127603baee9a754095cc854f1a281ca6b2e

Request headers

:path: /theme/images/share.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1826396
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4346
last-modified: Fri, 21 Feb 2020 23:15:56 GMT
server: cloudflare
etag: "5e5064ac-10fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRND3nzGPxECJpLpr63FNgrUTXOSG7ZWE3HNGnESEyBDgP%2BOD4Fb6Mcc1HqDRLG8ZqxLzxA%2FqLeYUJ%2BMWY7k%2B61HnX7tV9aBGPVrnKb%2BAXus6wkWJAerUs4R%2By8cCgymN%2Bdzk9B3MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ed44eaf-FRA
expires: Fri, 02 Sep 2022 06:02:11 GMT

GET
H2 200 comingsoon.png
notes.io/theme/images/ 9 KB
9 KB 15ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/comingsoon.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90953c3a08c054df1002a0fca03d4492ea719aac257f000706550a0a2011b7e

Request headers

:path: /theme/images/comingsoon.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 887074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8972
last-modified: Fri, 21 Feb 2020 23:15:55 GMT
server: cloudflare
etag: "5e5064ab-230c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAp765M4t4Fs46iorupW7zMM%2FRw2fHJTsWi7scdbjcilytqHRN%2BNvysvEbGL6B9dlHF1c43qfV4fs95jWmQCE%2F8csJ%2FuGIEk7je8gxq05X%2B3FfrGxwKhPMpebVK%2BCyRGC6B2s0UIaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ed54eaf-FRA
expires: Tue, 13 Sep 2022 02:57:33 GMT

GET
H2 200 account.png
notes.io/theme/images/ 4 KB
5 KB 15ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/account.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a895770cc52fa3e5f4a67694a21f9c6eb0809e4b95b769d0d8237c0f424c42f

Request headers

:path: /theme/images/account.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4421
last-modified: Fri, 21 Feb 2020 23:15:56 GMT
server: cloudflare
etag: "5e5064ac-1145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72aC5XScLsR6CMwqvP4VQ1B852NxLDb8mTPK6GnPnRCSXb11N56sbLKWhi3%2B2E8AyPYSRC1zlLxAWGTjO9cOE5VZMZ1BVZc2PCfDc3ADGAJu1qZNwldGBgtvWz7WIhevMJxr5%2FZ0iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ed74eaf-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 myNotes.png
notes.io/theme/images/ 5 KB
5 KB 16ms
14ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/myNotes.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789882a15d9931a084d417b8ee65bfc323cd64013ef79a781aaea66ec07dee2f

Request headers

:path: /theme/images/myNotes.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5012
last-modified: Fri, 21 Feb 2020 23:15:56 GMT
server: cloudflare
etag: "5e5064ac-1394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0o%2F4HcWtuKxOd4%2F%2Bg6VGUNNWIajveiK%2B7DjIIGn761ovJxKEQg2y6VzE5aIadrWKitZPo%2BfT3zEdPerzU%2FGrH%2FJTc5q8vgmwESEkaglVTiAcvWQF84V68gSyXngT6ex6U%2FhCBjZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ed94eaf-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 barsag.png
notes.io/theme/images/ 281 B
842 B 19ms
17ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barsag.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e

Request headers

:path: /theme/images/barsag.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1627616
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 281
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZyRr%2BpL7LAL1%2FC59zWImg0NiLHm4Z9AykpEAi%2FDtRy4q7VxQEIVYMm8HS6c5wF4c0KxwHBIxqro9ocsygh73rX4d3iF5sWAtPVsQ2lbaKiOVhUuVAEUjRRtKMc98ZoeEKzIY61RCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3eda4eaf-FRA
expires: Sun, 04 Sep 2022 13:15:11 GMT

GET
H2 200 notespageback.png
notes.io/theme/images/ 94 B
419 B 17ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespageback.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3

Request headers

:path: /theme/images/notespageback.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618412
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 94
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz1Yt39tajbS1EfmsPcpy%2BiAIy50wz4DQM0dQD5FThC%2BTjMhO6an9Ta1K1KNm5fHdksk4mYDqFqKknrlBPh9SIWWm3vtqJtOsJSOPQ0S2%2BqdUcY9%2Fka66wleTJp5F0W7DdJHSwMjWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3edb4eaf-FRA
expires: Wed, 24 Aug 2022 02:01:55 GMT

GET
H2 200 notesline.png
notes.io/theme/images/ 157 B
484 B 19ms
18ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notesline.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242ed9a2483dd9ea5f4173423d8a721d1951f2e69d88d53bb6f6da4c3b003468

Request headers

:path: /theme/images/notesline.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 887074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 157
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUsYHjxcurK8Oue3hSOhes76N7P33PVO674ugtXSquSDexT3xoMEYNNVyUDa5A4piUkkjp8rTIG9%2B5htoYgqbT%2BYmBgtvvegQNq7zbLSxNWZgNa3bgf%2FLDu%2FXwvO1UpylIHn6qfm3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3edc4eaf-FRA
expires: Tue, 13 Sep 2022 02:57:33 GMT

GET
H2 200 notespagebottom1.png
notes.io/theme/images/ 371 B
733 B 17ms
16ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom1.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df720775feafe2fbda5ed706fa3a22baaadb1f49a20089426426ee159dfda16e

Request headers

:path: /theme/images/notespagebottom1.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 371
last-modified: Fri, 21 Feb 2020 23:28:50 GMT
server: cloudflare
etag: "5e5067b2-173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXltoldcqrEk8giRCCq4L095Fnain2IOL1%2BXf%2Buek4tEKo3iceOSr5d9AJybAXX7uSo9AwVAMh7%2FDQ7%2Bo9Ox3glmXq4zGPWQtAuCboDPMns402LI%2B8A4Z4F4DaR5FmEF2edpjtYrAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3edf4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 notespagebottom2.png
notes.io/theme/images/ 91 B
389 B 18ms
17ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom2.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01

Request headers

:path: /theme/images/notespagebottom2.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 91
last-modified: Fri, 21 Feb 2020 23:28:32 GMT
server: cloudflare
etag: "5e5067a0-5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDNvSFWGDj6GBowSrFPTxrS%2BHHBKD%2Fgs%2FaIgTVBil%2FE0J8wC8X9dfdppaOZjTMppm7pfe7O5dcY68NE8oyt1jQsg2vkpArik6Ey6OR%2BEbhM51n19sVnhedK1cnJ0MB%2F2Dqj10aT6gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ee14eaf-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 notespagebottom3.png
notes.io/theme/images/ 304 B
653 B 16ms
16ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom3.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75913336756871c8e107493ce476f32784b526d5431dca6cddd8a9c4eb383006

Request headers

:path: /theme/images/notespagebottom3.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618412
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 304
last-modified: Fri, 21 Feb 2020 23:28:50 GMT
server: cloudflare
etag: "5e5067b2-130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8Hr0tAU%2Fiz7vcMFO3cBuHYH%2BKmEBBOCbuq4558Xrmgg%2BEw1XbmDKt4dmRfTbvfSW%2BC6dbtC3fAI1v14M6Dzx7nEm64N2tRZPmTasKkCOVgQC8DO83ftNm56rF4vWTOgU3p7FMYI8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef3ee34eaf-FRA
expires: Wed, 24 Aug 2022 02:01:55 GMT

GET
H2 200 notes.min.js Show response
notes.io/theme/scripts/ 6 KB
6 KB 19ms
17ms Script
application/javascript 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/scripts/notes.min.js
Requested by: Host: notes.io
URL: https://notes.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210ce18fc43f351e1779820524493a298b577ff52fbcf977c89e16c40c6b5174

Request headers

:path: /theme/scripts/notes.min.js
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1850480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5783
last-modified: Wed, 29 Apr 2020 19:15:23 GMT
server: cloudflare
etag: "5ea9d24b-1697"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbPV4KdhHIIba6eEMP0YteWNBWrEth0DlpBCvkRoI0Y50CjEbn1ntPassEz5Akz85caQS%2BSPqXeMgFZKgF0xmhAqPenMK9QP2%2FTsV36qxfBk19pCvbUdpInzY7wmI7nknk3lFJzIOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4ef5f104eaf-FRA
expires: Thu, 01 Sep 2022 23:20:47 GMT

GET
H2 200 jquery.min.js Show response
notes.io/theme/scripts/ 95 KB
39 KB 15ms
15ms Script
application/javascript 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/scripts/jquery.min.js
Requested by: Host: notes.io
URL: https://notes.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

:path: /theme/scripts/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: notes.io
referer: https://notes.io/JaMr
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/JaMr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Apr 2020 11:31:24 GMT
server: cloudflare
etag: W/"5ea5710c-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt%2Fpmle4c2Tpy%2FWGpUOLKT4JU%2FhQTbxXQevir7EmjX%2BaqjU6eELjrNJPio%2BojnT5sguAs0G%2F0BzKyISkOU%2FqcSiytEq7J3vAK7TDv3Upjv8DK3tpgRhV8wgU9plkSRtnGvR0gPOxDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000, no-transform
cf-ray: 6932b4ef5f124eaf-FRA
expires: Sun, 19 Jun 2022 13:37:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 62ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: notes.io
URL: https://notes.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bf98373dae18262ff43206a277346a0cfaa86c5a8c64e0cf6626f07b5d676da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49890
x-xss-protection: 0
server: cafe
etag: 8603642462237437729
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Sep 2021 09:22:07 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 53ms
8ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: notes.io
URL: https://notes.io/JaMr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2474
date: Thu, 23 Sep 2021 08:40:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 23 Sep 2021 10:40:53 GMT

GET
H2 200 1.png
notes.io/theme/images/messagebox/ 210 B
541 B 17ms
16ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/1.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5eb697ffa5c4ba8a2c5badd8ab713a612934c1e0e54f57e082b3ba736a83f51

Request headers

:path: /theme/images/messagebox/1.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 210
last-modified: Fri, 21 Feb 2020 23:15:11 GMT
server: cloudflare
etag: "5e50647f-d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QwQF%2FZIkMrUAlQo1ZlbzucQ5u0uriGcc9oyj%2BWvkPXJokG0Zug7IWO%2FVqXj%2BNN6i%2FYndy3QX7r4yBS0eDr38GxCkXZQ%2FkOglaF2bmiCDYXbnw57jlgvmOkxNR3pc3soJOMkocQY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efaf984eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 2.png
notes.io/theme/images/messagebox/ 84 B
410 B 16ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/2.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf

Request headers

:path: /theme/images/messagebox/2.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618412
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 84
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoD9i20lEBCH%2BdgIl%2ButwpSeq3HanJMLBhttrJCf1tu4zQvBCdHA6W4OaBNDhYgKRQReysebBae0C1cUWzeHD%2FNJ7dy75my46Z6vWF3hsq%2FfZ1LsPJa84geXkSkY4nz5nple%2BqkZaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efaf994eaf-FRA
expires: Wed, 24 Aug 2022 02:01:55 GMT

GET
H2 200 closeBTN.png
notes.io/theme/images/messagebox/ 925 B
1 KB 18ms
17ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/closeBTN.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e69dacf2d972a15757ffbc6d4079e8a0279bdc7b688e48ff1149f32bcaea0f

Request headers

:path: /theme/images/messagebox/closeBTN.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 925
last-modified: Fri, 21 Feb 2020 23:15:13 GMT
server: cloudflare
etag: "5e506481-39d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWjt9%2FdJ6%2BeciEoLo892MCr9vzJjShkqzRmszCti41XsyUEYg6xTYeH1fnQIOxwpAslyRqh%2FnjUjH01R3Y85E9MEMGXMSmqUKK4R7sPbuBuEMIjUy4X%2BJ3E771BzJesospDGa5VSbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efaf9a4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 3.png
notes.io/theme/images/messagebox/ 216 B
752 B 24ms
23ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/3.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4

Request headers

:path: /theme/images/messagebox/3.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 216
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icRtKwmux9XcRj9vQYjIzwQvnCZaO29YbeP4dgbvbDIoxP5el8FHoi3K2V8AZALNoUgZwYfEtSBXaBlnrz7dHqATk3ExC1%2F5Vfxj1cBru1e2f8DFx1XOlORgyYRUpiQY8Mu9tGEi9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efaf9c4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 4.png
notes.io/theme/images/messagebox/ 80 B
614 B 15ms
14ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/4.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699

Request headers

:path: /theme/images/messagebox/4.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80
last-modified: Fri, 21 Feb 2020 23:15:11 GMT
server: cloudflare
etag: "5e50647f-50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVYJeMcLuviJ4Y5nWhcTgm9HvIBLVH9%2FJJX2RDoqQb1CRYmbacWB9%2Bx%2F8SNNMKLCNmiyoinOjgHzP8XwsiuaTDUkqTs8gANUiXp3afscphb5MTYJFJzerAh7TGIiqXg3IGXXa%2FckRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efaf9d4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 5.png
notes.io/theme/images/messagebox/ 81 B
473 B 13ms
12ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/5.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e

Request headers

:path: /theme/images/messagebox/5.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 81
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Bsd7kD2cSFYb245Hz8GsPv65h%2Bp8DX6ZltfHVowencNnA6WTgpu4u0XbkMlB3JTVeZSjweMAKj13v3z2Sa%2B9Bqle0tOjQDoK%2FZlbEjBpp66dhtmfZx60uSM4Q4avaQ2mcryKQZ1ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efaf9e4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 6.png
notes.io/theme/images/messagebox/ 190 B
480 B 16ms
15ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/6.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc

Request headers

:path: /theme/images/messagebox/6.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 190
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aiLxQTJWLTrAXIY32cl6wCMR4Ao90toZ2gGrnHQMv59PwNvLdI3ccBEGOYL9094ZTBk8m6ncJPR0DAG06ibsLOVTEE2gXfiI3wCcvTPjOeBG4Uur9wtFlGo2BApyXHzztpscGlPng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efaf9f4eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 7.png
notes.io/theme/images/messagebox/ 84 B
467 B 18ms
17ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/7.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee

Request headers

:path: /theme/images/messagebox/7.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 887074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 84
last-modified: Fri, 21 Feb 2020 23:15:12 GMT
server: cloudflare
etag: "5e506480-54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR1l95XQdFxWPGvP%2Bh7u%2FgIUSZyoN9%2BYqtSoiQBbMBjwQYMHI%2BteKM%2FrDnYhLI3aXI665G%2Bh16bYmMG1d9PbOs0vjs%2FnBr720FrmR3q2VJitW3Iz2tlsp%2FN0u%2BFmCwa4GRIolvlTlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efafa04eaf-FRA
expires: Tue, 13 Sep 2022 02:57:33 GMT

GET
H2 200 8.png
notes.io/theme/images/messagebox/ 195 B
519 B 14ms
14ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/8.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003

Request headers

:path: /theme/images/messagebox/8.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 195
last-modified: Fri, 21 Feb 2020 23:15:13 GMT
server: cloudflare
etag: "5e506481-c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTvR%2BAIruQrWU%2ByeW8oLJrOozds73MWBCYgA08dhcG3JebC2%2Fnh1BnOc4yK3DBFA3afEoQj%2Bri4aNyp%2FgNGrm7bFQkSUo3i3v%2BOSzB6dxg%2BkMOhK1bUilYIyiwdS5eHy918N9ZbODQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efafa14eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 closeBtn.png
notes.io/theme/images/ 884 B
1 KB 14ms
13ms Image
image/png 2606:4700:3030::ac43:b188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/closeBtn.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css?id=483170977
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cacfa400f8759f593f2f89f7984d412c8a2b68c4066108dd0b9e35ec9d22782

Request headers

:path: /theme/images/closeBtn.png
pragma: no-cache
cookie: PHPSESSID=bo7hc4v6bqm8iltum3n78l6nlg
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: notes.io
referer: https://notes.io/theme/styles/notes.min.css?id=483170977
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css?id=483170977
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8279059
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 884
last-modified: Fri, 21 Feb 2020 23:28:50 GMT
server: cloudflare
etag: "5e5067b2-374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk3m%2FGpBMef2NB2m6p7cVCBv3NqK6tQoP2gZma9qIDGXZNQrtBjXad24CCC%2BTa4yGGfGceE8iybQZ2CEa1nJNrBtbGj7G94Dx7526S92r1a1XJG9v2GyLCYluAlRf3E0ZnuvkXOsPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
cf-ray: 6932b4efbfb74eaf-FRA
expires: Sun, 19 Jun 2022 13:37:48 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/ 255 KB
95 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4070502493653474&plah=notes.io&bust=31062896

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02cf170d750fab9d79601308d731314e2f3f04c21576e5eae8daff7a340f7415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96573
x-xss-protection: 0
server: cafe
etag: 5638719263058294328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Sep 2021 09:22:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/ Frame EB5B 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210921/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 22 Sep 2021 20:26:37 GMT
expires: Wed, 06 Oct 2021 20:26:37 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 46531
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1636827750&utmhn=notes.io&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Wenn%20Sie%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750&slf_rd=1&random=1939909742

42 B
522 B

43ms
19ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750&slf_rd=1&random=1939909742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18039671-1&cid=678837858.1632388928&jid=1710308589&_v=5.7.2&z=1636827750&slf_rd=1&random=1939909742
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
655 B 102ms
29ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=notes.io&callback=_gfp_s_&client=ca-pub-4070502493653474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4070502493653474&plah=notes.io&bust=31062896

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

67edf2d69f32c807ae88a671e1965ad53562cfa7b8b29ebc50f26e0bc2856da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 83ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=notes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 41ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=notes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2734 430 B
407 B 103ms
102ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1632388928&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388927996&bpp=4&bdt=186&idt=69&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&correlator=7993603270140&frm=20&pv=2&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TCPy1Std0c&p=https%3A//notes.io&dtd=80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b146b35882d4db16b4246ce04fff5bfa97447031834fdc663f8a6b583ef37e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1632388928&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388927996&bpp=4&bdt=186&idt=69&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&correlator=7993603270140&frm=20&pv=2&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeE%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TCPy1Std0c&p=https%3A//notes.io&dtd=80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 09:22:08 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 09:37:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 09:22:08 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 42ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210921&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

912758be9c0fdf154db151ae14b4ffde683389c208095c2805c8855c83dd07d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8529
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 23 Sep 2021 09:22:08 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A00 430 B
372 B 150ms
149ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1632388928&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928000&bpp=1&bdt=191&idt=82&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=430&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CSYy2mqKKi&p=https%3A//notes.io&dtd=84

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

402cd16e47764a4a19e201e0c8eca17e1d839e2ce52fe41cb40459c0f24f2456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1632388928&psa=0&format=728x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928000&bpp=1&bdt=191&idt=82&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=430&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CSYy2mqKKi&p=https%3A//notes.io&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 09:22:08 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 09:37:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 09:22:08 GMT
cache-control: private

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 28ms
28ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fnotes.io%2FJaMr&tn=IMG&cls=bg&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 29ms
28ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fnotes.io%2FJaMr&tn=IMG&cls=bg&ign=false&pw=1600&ph=1200&x=0&y=69.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DCF 10 KB
5 KB 106ms
106ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1632388928&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnotes.io%2FJaMr&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928009&bpp=1&bdt=199&idt=77&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=81

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e800029919e3965b487ca63166313e31b835625f51f2da6a80ca49a562d55a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1632388928&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnotes.io%2FJaMr&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928009&bpp=1&bdt=199&idt=77&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 09:22:08 GMT
server: cafe
content-length: 4613
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 09:37:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 09:22:08 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 23 Sep 2021 09:22:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 703C 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 23 Sep 2021 08:03:24 GMT
expires: Fri, 23 Sep 2022 08:03:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7701 783 B
993 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f6e484f1b07fd3566bfb2658ea05dd17e8f5e14da9a52f83050bba45431ebb49

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cdzLQU0EAGdChmUmdYECHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 23 Sep 2021 09:22:08 GMT
date: Thu, 23 Sep 2021 09:22:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cdzLQU0EAGdChmUmdYECHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=notes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=notes.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4279 430 B
502 B 228ms
228ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3767030899&pi=t.aa~a.179182922~i.10~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&psa=1&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=2&bdt=418&idt=-M&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0&nras=2&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3vBaw2Z1FI&p=https%3A//notes.io&dtd=8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d22c4c227d0b2b3cff679a1e1aeae1179c07ec7a4fa090b00f3254da1236accc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3767030899&pi=t.aa~a.179182922~i.10~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&psa=1&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=2&bdt=418&idt=-M&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0&nras=2&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=3vBaw2Z1FI&p=https%3A//notes.io&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 09:22:08 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: IDE=AHWqTUktO451ltJzrGU-K-GaYSL5qeY5TwbFppd1hErKD_6F8OxD34E5ymWlL5cEyBs; expires=Tue, 18-Oct-2022 09:22:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 09:22:08 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CBAA 27 KB
11 KB 214ms
214ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b448625535a0c7eee84882e8b1b949bb9169993f2af55e42eb8ec05eb7715256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://notes.io/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 Sep 2021 09:22:08 GMT
server: cafe
content-length: 11402
x-xss-protection: 0
set-cookie: IDE=AHWqTUnT4gNGpL9bh4Q37FEHgTp9aGqLdu2l6QHBpQ08of0v0cAkA9d52n_aDAPs1S8; expires=Tue, 18-Oct-2022 09:22:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 23 Sep 2021 09:22:08 GMT
cache-control: private

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7701 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210921&jk=2131072436534809&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 703C 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 08:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 23 Sep 2022 08:02:31 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210921&jk=2131072436534809&bg=!s7ClsPTNAAZNQyuQTUM7ACkAdvg8WqBfvJqLHPsiB7ZcIau2BFkUduKMfFR_ntkFnLmk2VwLBAOg0QIAAABeUgAAAAtoAQcKALabWtUMTbmxpHNfp5ioHyM6rLPKjw-JyQA-AsANFCE87V4kNFEi4yzTbqOb6aWcwQvOCpHMm9olx_7PQXjme3lR1Mp4X4agfVmd7LnEkdD7UBFBGKShnAMD-UHnM01-OkS5w28tEAQj33qGoteZbCQEwLaAyMwuarC3uDeh9EvT7u18RAGrwSdaFMrninx4Egfm0OPCLYZ8dAbc6vmJW4LDCnODpef5b4Ped1LLcCVEICaE_JgUKZkCbs4AUjYQXX-MFw1_dU-fKlKmV2F7w3ekgmrqxqGnfRIneWqXtH1Lypr0voF2HD3m-28xs8Mu9EnJu7PSJLGZwW8c-pzzz6PjYXaHu2oQvON-pB1ZGv4Rv56xTs-DUL6HQcIfChMW4OJPsrBNWlxe6ksr-TeBGDDZqoAmeZmNqQi__E2lpzsE_8fb-Za5iCJhcF_q5sTtb1R7vDT61Ao8ipVCHoG5sqaCRXqXuwMVN1kMFzUCzSngl38cjSc2b40pPnYqKB4-dqf_PjX44Y6aFnHPp7lGKbTv6CLvOl5toRl2DNYbFLl2w8cXFlN6tUSVPWTzhhL4YcSfMmNpzjU2MwHx6PzzPGfmIyi3qy5_lqAcpqzd9mQT5wOlopkbtnT7haP0Gi0huSGEjrwdxOf2N6ZE3ZwxZs9G3A5aC8VyWEIcYP9fL0LNwSR48X9jMspWM90ODVQat-xeWtRSCLVUOyIdV8Ihb__dQdzSw0yxMLXj4ApBw2ns8jCm1V__bJZYh2l8DLbKzpXxQzGT6YYPf_oBq9tmqEYsRO9qYWmrD6WU6KmF8pRUrTCsbZ6RfVcWPun0uE1UPIzNAfM5pX0Ge_wu1AApeafuICEdr32ztFuolTxJ6WAQy_fORvpHVEG5I90mDZzUN1RYk07hUfq6tJLhFcehtcprclbql8VnDQYaZ63jXbxGv6Ssplth0E9YNbF_APxLUi_rtolwsnKA5lFsLZ4aYG9CNeeMjQyDQqT33EkUE7Ge_Q4hIEWMBDi7qfJS6yhfrYon7QKlli66XHlPSVhqAzNR3EAQthyF2fGvSaXweNGB2eA7kkX5f-4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1CB2 0
0 19ms
19ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1ZxLQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSnAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPm18WSZZADc0wZj3ZvLgfRlRgUgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQwNzA1MDI0OTM2NTM0NzQYAA&sigh=OhvyC396S6U&tpd=AGWhJmv89cFghP04deSFyPny4HuGxABP9Xzhd-4g4SKb1zl8SqYxsYqB9wzVRHBirYTbevYPJe6ybaDFRDa1M79s1XdJTw0oeFAmBGUZ1B5ubUj6JX7cgKOQ3FIxEX_TLT7M8Z8Pya-5XAOfDzApozbqDIzSCeE0fzBoS_PElNNGt0_IeqNvtsbusHclzEIMW5jIg5NrVqVtgUzf48qulFDQZ39FNytO8hrKml7ZrK2jdUG2QxTTpHIyBoTHgCF4Aiy78TAH2tZ-a9KzdHkGyywnudR7ZNApt_ukn_hIVM0czAl4Ody8vGYdI6pI595asfFnMWc13SG0DoeodVezIQ52KEVuQBH9B_5ahS_bk57rn8cmCK9a8ah6wYg2-23IgGQPZwFVhhljKvEqMP4JxsEmYr_GRVE7COC7quqMZInRXJpwVKwjKikIAZWQ_cSPyZ6R1mbClSEamxiAEs7mmkOnc3jfMjoELSAThY_PDMCnK8oZCzj2EUErlJ3lf6JV6QXrNA2AlP7Z14f0UxlisjWUIzCelmgRXPI3ONHWVOUd3aBRfbXcpE8uJi_oqg3nE5bMH8Cf6t4LplgXlttcYkFr_5haAgyRhJYhd8F-ux9SIYgE9MestE9aBzrDaJmR4FYPj_XCveGUb31A2b38Vr0zXkFllEMjx358BLOEWQauYu9ef8ChOsnjxmAFiritoMVPADzFlGDDeKuyGaQkXAcNwXrCuuR0PrM1s1axg8SlPqkx8JKNEmkZqr7L2UU6zq-K3ldDZoqvejc_QhDq0kcFKIM9Jerrx3MDcihLGA6Q30gO1Ydf829xtjR549jG1AVT2_eBauGkYdxQNNYsx6rx6NV-A8a7iNozRltiiP1TpW1cIGy-6Gtec9101wSeYk9AFhI4xQqDzqZRZlPYe9vx4nNOalLczjDFIoF7Pcz6kG4FmNmKo2RrBpmaswU2QyDOpdYeOCA83nChEQtgWVo8y6M2wccDebfXpzgvpkaHV_MVxvSuzcoybuph8BHxAXtGDKfumEXckqXYZKlwoqzdGDdkzsjjy84vjaPh0iJbVccyPXVJI3D-c7_r-A

Requested by

Host: notes.io
URL: https://notes.io/JaMr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 23 Sep 2021 09:22:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 1CB2 2 KB
2 KB 92ms
46ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRRMk1XWm1aRFl0TW1Zd09TMDFaR0UxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQzNjU4MTE1OTUwOTA1ODIwMC82NjIyMzMyLzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1SVzM2Y3NaZmF5ekxhMzY0X2VIdldVLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQzNjU4MTE1OTUwOTA1ODIwMC96cmgvMC8yMTcvNDcvOTk5LzY2LzJhMDE6NGY4OmExOjovMC4wMDAvMTYzMjM4ODkyOC8xNjMyNDAxNTI4LzQvcHViLTQwNzA1MDI0OTM2NTM0NzQv/tLjNupgPgIChAXtX3xpNPJtnn8k&nodeid=339&group=zrh&auctionid=436581159509058200&shardkey=436581159509058200&sid=4562306&cid=6622332&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%26client%3Dca-pub-4070502493653474%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.205.1 /
Resource Hash: 5729465301094aebe2427a65018ace17101f506768cdf2a407680f3256abe951

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1632388928
Last-Modified: Thu, 23 Sep 2021 09:22:08 GMT
Server: MMBD/3.205.1
x-mm-latency: 33 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x91, zrh-bidder-x40
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Thu, 23 Sep 2021 09:22:07 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 1CB2 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 09:04:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CB2 128 KB
39 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 23 Sep 2021 09:22:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 1CB2 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 09:02:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1CB2 0
0 15ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMFvG0HWpWPzTetJbhHQDmLiyDChw6KD_3aLk2M-g81kDBmEgjFpIYRKHnN1L3Hyx7-hINuuYfq9ez-qw0QTSGvpzaOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 1CB2 10 KB
3 KB 42ms
11ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=436581159509058200&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D436581159509058200%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_cid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D
Requested by: Host: notes.io
URL: https://notes.io/JaMr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5551c69f0f42da304b3210b0a5e21fca5deb0233193f13681e165df40dc71592

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3258
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 1CB2 49 B
329 B 55ms
31ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=436581159509058200&node_id=339&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRRMk1XWm1aRFl0TW1Zd09TMDFaR0UxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQzNjU4MTE1OTUwOTA1ODIwMC82NjIyMzMyLzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1SVzM2Y3NaZmF5ekxhMzY0X2VIdldVLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQzNjU4MTE1OTUwOTA1ODIwMC96cmgvMC8yMTcvNDcvOTk5LzY2LzJhMDE6NGY4OmExOjovMC4wMDAvMTYzMjM4ODkyOC8xNjMyNDAxNTI4LzQvcHViLTQwNzA1MDI0OTM2NTM0NzQv/tLjNupgPgIChAXtX3xpNPJtnn8k&nodeid=339&group=zrh&auctionid=436581159509058200&shardkey=436581159509058200&sid=4562306&cid=6622332&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.205.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Server: MMBD/3.205.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x84, zrh-bidder-x40
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 23 Sep 2021 09:22:07 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 1CB2 43 B
373 B 71ms
20ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=436581159509058200&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRRMk1XWm1aRFl0TW1Zd09TMDFaR0UxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQzNjU4MTE1OTUwOTA1ODIwMC82NjIyMzMyLzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1SVzM2Y3NaZmF5ekxhMzY0X2VIdldVLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQzNjU4MTE1OTUwOTA1ODIwMC96cmgvMC8yMTcvNDcvOTk5LzY2LzJhMDE6NGY4OmExOjovMC4wMDAvMTYzMjM4ODkyOC8xNjMyNDAxNTI4LzQvcHViLTQwNzA1MDI0OTM2NTM0NzQv/tLjNupgPgIChAXtX3xpNPJtnn8k&nodeid=339&group=zrh&auctionid=436581159509058200&shardkey=436581159509058200&sid=4562306&cid=6622332&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3984 0e3af3b master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 23 Sep 2021 09:22:07 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 1CB2 49 B
329 B 81ms
56ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=436581159509058200&st=4562306&time=1632388928&nodeid=339
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRRMk1XWm1aRFl0TW1Zd09TMDFaR0UxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQzNjU4MTE1OTUwOTA1ODIwMC82NjIyMzMyLzQ1NjIzMDYvNC9WTkdQLW02RGdRQ0tVUDJyLXNqMi1SVzM2Y3NaZmF5ekxhMzY0X2VIdldVLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQzNjU4MTE1OTUwOTA1ODIwMC96cmgvMC8yMTcvNDcvOTk5LzY2LzJhMDE6NGY4OmExOjovMC4wMDAvMTYzMjM4ODkyOC8xNjMyNDAxNTI4LzQvcHViLTQwNzA1MDI0OTM2NTM0NzQv/tLjNupgPgIChAXtX3xpNPJtnn8k&nodeid=339&group=zrh&auctionid=436581159509058200&shardkey=436581159509058200&sid=4562306&cid=6622332&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.67&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.205.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Server: MMBD/3.205.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x42, zrh-bidder-x40
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 23 Sep 2021 09:22:07 GMT

GET
H/1.1 200
OK request.php Show response
hal900014.redintelligence.net/ Frame 1CB2 3 KB
2 KB 110ms
80ms Script
application/x-javascript 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e39d95f804&subid=&uid=04b37d5cd821d521&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D436581159509058200%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_cid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4070502493653474%26output%3Dhtml%26h%3D90%26adk%3D225959210%26adf%3D2234306316%26pi%3Dt.aa~a.4127630865~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632388928%26rafmt%3D1%26to%3Dqs%26pwprc%3D7194745760%26psa%3D1%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fnotes.io%252FJaMr%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1632388928228%26bpp%3D1%26bdt%3D418%26idt%3D1%26shv%3Dr20210921%26mjsv%3Dm202109210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6cd3a180b7c31af1-2225373fc1cb00a3%253AT%253D1632388928%253ART%253D1632388928%253AS%253DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw%26prev_fmts%3D1200x200%252C728x90%252C0x0%252C1200x280%26nras%3D3%26correlator%3D7993603270140%26frm%3D20%26pv%3D1%26ga_vid%3D678837858.1632388928%26ga_sid%3D1632388928%26ga_hid%3D924834711%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26adx%3D194%26ady%3D2080%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530887%252C31062896%252C21065724%26oid%3D3%26pvsid%3D2131072436534809%26pem%3D426%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DRZFjrINWiB%26p%3Dhttps%253A%2F%2Fnotes.io%26dtd%3D11&ancestorOrigins=null&random=9366630124847&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=436581159509058200&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D436581159509058200%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_cid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 4e283f089181fd30b5b8d51f9e940408990d3fb2064bd1874828e6de157f7d17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Sep 2021 09:22:08 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 23567200065022400951389011726014
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1111
Expires: Thu, 23 Sep 2021 10:22:08 +0200

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 57B0
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23567200065022400951389011726014&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23567200065022400951389011726014&actionid=879111&produktid=ratenkredit&dt_url=

0
629 B

110ms
73ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23567200065022400951389011726014&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e39d95f804&subid=&uid=04b37d5cd821d521&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D436581159509058200%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_cid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4070502493653474%26output%3Dhtml%26h%3D90%26adk%3D225959210%26adf%3D2234306316%26pi%3Dt.aa~a.4127630865~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632388928%26rafmt%3D1%26to%3Dqs%26pwprc%3D7194745760%26psa%3D1%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fnotes.io%252FJaMr%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1632388928228%26bpp%3D1%26bdt%3D418%26idt%3D1%26shv%3Dr20210921%26mjsv%3Dm202109210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6cd3a180b7c31af1-2225373fc1cb00a3%253AT%253D1632388928%253ART%253D1632388928%253AS%253DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw%26prev_fmts%3D1200x200%252C728x90%252C0x0%252C1200x280%26nras%3D3%26correlator%3D7993603270140%26frm%3D20%26pv%3D1%26ga_vid%3D678837858.1632388928%26ga_sid%3D1632388928%26ga_hid%3D924834711%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26adx%3D194%26ady%3D2080%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530887%252C31062896%252C21065724%26oid%3D3%26pvsid%3D2131072436534809%26pem%3D426%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DRZFjrINWiB%26p%3Dhttps%253A%2F%2Fnotes.io%26dtd%3D11&ancestorOrigins=null&random=9366630124847&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: pb.media01.eu
:scheme: https
:path: /view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23567200065022400951389011726014&actionid=879111&produktid=ratenkredit&dt_url=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 23 Sep 2021 11:22:07 GMT
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=vr3ojhwy0qtttke4u3ttbqbv; path=/; secure; HttpOnly; SameSite=None DTU=18738717EE7CFB2D09EB3D54A3F6F390; expires=Sat, 23-Sep-2023 09:22:07 GMT; path=/; SameSite=None; secure; HttpOnly; SameSite=None
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Thu, 23 Sep 2021 09:22:07 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Thu, 23 Sep 2021 09:22:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Set-Cookie: trscj=MTYzMjM4ODkyOHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRJek5UWTNNakF3TURZMU1ESXlOREF3T1RVeE16ZzVNREV4TnpJMk1ERTBKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2; expires=Fri, 23-Sep-2022 09:22:08 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YUxHQ|YUxHQ; path=/; HttpOnly
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23567200065022400951389011726014&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: A87719C7:149B_91EFC182:01BB_614C4740_9E16209:3969
X-IPLB-Instance: 40027
Cache-control: private

GET
H2

200

htlp Show response
futalis.de/ Frame 9C60
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=23567200065022400951389011726014
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=887443219

350 B
409 B

38ms
6ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=887443219
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e39d95f804&subid=&uid=04b37d5cd821d521&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D436581159509058200%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_cid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4070502493653474%26output%3Dhtml%26h%3D90%26adk%3D225959210%26adf%3D2234306316%26pi%3Dt.aa~a.4127630865~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632388928%26rafmt%3D1%26to%3Dqs%26pwprc%3D7194745760%26psa%3D1%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fnotes.io%252FJaMr%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1632388928228%26bpp%3D1%26bdt%3D418%26idt%3D1%26shv%3Dr20210921%26mjsv%3Dm202109210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6cd3a180b7c31af1-2225373fc1cb00a3%253AT%253D1632388928%253ART%253D1632388928%253AS%253DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw%26prev_fmts%3D1200x200%252C728x90%252C0x0%252C1200x280%26nras%3D3%26correlator%3D7993603270140%26frm%3D20%26pv%3D1%26ga_vid%3D678837858.1632388928%26ga_sid%3D1632388928%26ga_hid%3D924834711%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26adx%3D194%26ady%3D2080%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530887%252C31062896%252C21065724%26oid%3D3%26pvsid%3D2131072436534809%26pem%3D426%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DRZFjrINWiB%26p%3Dhttps%253A%2F%2Fnotes.io%26dtd%3D11&ancestorOrigins=null&random=9366630124847&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

:method: GET
:authority: futalis.de
:scheme: https
:path: /htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=887443219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

date: Thu, 23 Sep 2021 09:22:08 GMT
server: Apache
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
set-cookie: pp2172=887443219; expires=Sat, 23-Oct-2021 09:22:08 GMT; Max-Age=2592000; path=/; domain=.retailads.net ppb2172=887443219; expires=Sat, 23-Oct-2021 09:22:08 GMT; Max-Age=2592000; path=/; domain=.retailads.net; samesite=none; secure
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=887443219
content-length: 0
content-type: text/html; charset=utf-8

GET
H2

200

activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728 Show response
8019191.fls.doubleclick.net/ Frame 3479
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728?

391 B
432 B

48ms
48ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728?

Requested by

Host: notes.io
URL: https://notes.io/JaMr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e2a4c5485839a50e0816ad04d2805a0cc9d86df4dfbe0989918bde53e2633c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8019191.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUktO451ltJzrGU-K-GaYSL5qeY5TwbFppd1hErKD_6F8OxD34E5ymWlL5cEyBs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Sep 2021 09:22:08 GMT
expires: Thu, 23 Sep 2021 09:22:08 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Sep 2021 09:22:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame EBAA 7 KB
2 KB 19ms
7ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=e39d95f804&subid=&uid=04b37d5cd821d521&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D436581159509058200%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_cid%3D01d3614c-4740-4901-9739-55791b7d5e2c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9pFZQEdMYcjjD6aM7_UPq4mL-AvPh46bXMCG2YLGAsCNtwEQASAAYJWSk4KgB4IBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqAMBqgSqAU_Q7SJBXFjUxbMIHtbrwkOXH-yCv6VmZAJztYW44pdiEG3k4UlVhTpwS6lZDmxnqcTLaxt06o00PEPHbk_F4q6BNz2XqH6gBWP9EdftQKpfgVeKSEyA5uHxlOCOScfsmZmS2t76JrHDfeG77Y5uBPzd5DC5pn-z5uLNFYH4sOy2wHZgpXQp4cS6k14dhuFvXnucepPmlcef9zyT10uUKz7E9kd-ZQUAunpQgAbK6-nQ7rCDqokBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16UaXQ_WsdsN-vbdq_-kNL-jXQNw%2526client%253Dca-pub-4070502493653474%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4070502493653474%26output%3Dhtml%26h%3D90%26adk%3D225959210%26adf%3D2234306316%26pi%3Dt.aa~a.4127630865~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632388928%26rafmt%3D1%26to%3Dqs%26pwprc%3D7194745760%26psa%3D1%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fnotes.io%252FJaMr%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1632388928228%26bpp%3D1%26bdt%3D418%26idt%3D1%26shv%3Dr20210921%26mjsv%3Dm202109210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6cd3a180b7c31af1-2225373fc1cb00a3%253AT%253D1632388928%253ART%253D1632388928%253AS%253DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw%26prev_fmts%3D1200x200%252C728x90%252C0x0%252C1200x280%26nras%3D3%26correlator%3D7993603270140%26frm%3D20%26pv%3D1%26ga_vid%3D678837858.1632388928%26ga_sid%3D1632388928%26ga_hid%3D924834711%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26adx%3D194%26ady%3D2080%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530887%252C31062896%252C21065724%26oid%3D3%26pvsid%3D2131072436534809%26pem%3D426%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DRZFjrINWiB%26p%3Dhttps%253A%2F%2Fnotes.io%26dtd%3D11&ancestorOrigins=null&random=9366630124847&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 7fae6b50113936323d94d1fbefb5ee4ead31e65d395da48706498bb140d0e30d

Request headers

Host: hal900014.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 23 Sep 2021 10:22:08 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2069
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 1CB2
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23567200065022400951389011726014
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23567200065022400951389011726014
https://ad-server.eu/wm/pb/native.png

68 B
312 B

152ms
30ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=225959210&adf=2234306316&pi=t.aa~a.4127630865~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1632388928&rafmt=1&to=qs&pwprc=7194745760&psa=1&format=1200x90&url=https%3A%2F%2Fnotes.io%2FJaMr&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632388928228&bpp=1&bdt=418&idt=1&shv=r20210921&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cd3a180b7c31af1-2225373fc1cb00a3%3AT%3D1632388928%3ART%3D1632388928%3AS%3DALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7993603270140&frm=20&pv=1&ga_vid=678837858.1632388928&ga_sid=1632388928&ga_hid=924834711&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=194&ady=2080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530887%2C31062896%2C21065724&oid=3&pvsid=2131072436534809&pem=426&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RZFjrINWiB&p=https%3A//notes.io&dtd=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:25:34 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: A87719C7:149B_91EFC182:01BB_614C4740_9E16211:3969
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1CB2 43 B
704 B 73ms
33ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=23567200065022400951389011726014&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Sep 2021 09:22:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6B4C 1 KB
867 B 8ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Sep 2021 08:58:57 GMT
expires: Fri, 24 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1391
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1CB2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a4a108ffde0c1ceec7bed17fdce5bf22f3d047227be1462d3b2c3d306c350a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame EBAA 1 KB
904 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 07:36:52 GMT
server: ESF
date: Thu, 23 Sep 2021 09:22:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Sep 2021 09:22:08 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EBAA 16 KB
16 KB 22ms
10ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: c8d5f748554f3f4e927125fd743dbaf08baf3fe053c3efdbc1f2ec5e5262f370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EBAA 17 KB
17 KB 22ms
10ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: a7088e69c6d9fa24f40abaed312168d8a3afd889b3ed041e8e9e62b8bdfba708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EBAA 13 KB
13 KB 23ms
10ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5eb10e85bb1e0525fc9fabeed781f54299ba90f865126b2c1cc03bc2b555a004

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12988
Vary: Accept-Encoding
Content-Type: image/png

GET dpixel
cms.quantserve.com/ Frame 6B4C 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B4C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLJ92MW74MCbjE2XLvS5zLL-aXunz-CR03njsj...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVV4SFFBQUFBRjNER0hSTQ&google_push=AYg5qPLJ92MW74MCbjE2XLvS5zLL-aXunz-CR03njsjAKNyc80_VabP9tR7kJIGMixrGn69IuV1kwii8LTJu1OmvW27EWBeEJduV

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVV4SFFBQUFBRjNER0hSTQ&google_push=AYg5qPLJ92MW74MCbjE2XLvS5zLL-aXunz-CR03njsjAKNyc80_VabP9tR7kJIGMixrGn69IuV1kwii8LTJu1OmvW27EWBeEJduV

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVV4SFFBQUFBRjNER0hSTQ&google_push=AYg5qPLJ92MW74MCbjE2XLvS5zLL-aXunz-CR03njsjAKNyc80_VabP9tR7kJIGMixrGn69IuV1kwii8LTJu1OmvW27EWBeEJduV
Date: Thu, 23 Sep 2021 09:22:08 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B4C
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL2QyHBPTJYa-qQeA7Vr-MTvfJR5AEyNK91xre82mFmjjD3PegSvK6SWp6YgZP4mY8ASyRwoNvimFXOgHQhgZI4kJ9u0G9w&google_gid=CAESEGbhgiBhIUH2ZJNeZXxAO7E&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMCOsYoGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMMlF5SEJQVEpZYS1xUWVBN1ZyLU1UdmZKUjVBRXlOSzkxeHJlODJtRm1qakQzUGVnU3ZLNlNXcDZZZ1pQNG1ZOEFTeVJ3b052aW1GWE9nSF...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM3JsWEJWRGZ6djBaelRYV1Y2NVhSdm5oOTktWGo0ZGRlbzh1RmMzd29TQQ==&google_push

170 B
188 B

44ms
26ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM3JsWEJWRGZ6djBaelRYV1Y2NVhSdm5oOTktWGo0ZGRlbzh1RmMzd29TQQ==&google_push

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Sep 2021 09:22:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM3JsWEJWRGZ6djBaelRYV1Y2NVhSdm5oOTktWGo0ZGRlbzh1RmMzd29TQQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B4C
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEP8aGHubdnj4MO0hCf9p_ys&google_cver=1&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx
https://rtb.openx.net/sync/dds?google_gid=CAESEP8aGHubdnj4MO0hCf9p_ys&google_cver=1&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx&google_hm=kJxZhJ2gxRYbvXMi9XtQdg==

170 B
188 B

46ms
25ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx&google_hm=kJxZhJ2gxRYbvXMi9XtQdg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyH86EwzXomRqbwnokda9hcEeWsZn-QUFIKID82Cns2XDJJiH1mbrQsPTTG7-n-cVfUll8zNxd5fwHjg_koljufgLFPybx&google_hm=kJxZhJ2gxRYbvXMi9XtQdg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 3pvr15ggf57b0kc0do262f98qsqjndrs

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B4C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ3EtmP6HaaKHdkRBPUKiTQ&google_cver=1&google_push=AYg5qPJl2WWptNifIkM-S-OzOJTNWqrK2SWKnGvi-xJk4GlsO1EyNv4mz0FIfrDbdGL69AOy-bL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RXUTdZTzgtWC1JNElZ&google_push=AYg5qPJl2WWptNifIkM-S-OzOJTNWqrK2SWKnGvi-xJk4GlsO1EyNv4mz0FIfrDbdGL69AOy-bLBXgpfeDRYghtJjhCugsQ2tjqU

170 B
329 B

24ms
24ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RXUTdZTzgtWC1JNElZ&google_push=AYg5qPJl2WWptNifIkM-S-OzOJTNWqrK2SWKnGvi-xJk4GlsO1EyNv4mz0FIfrDbdGL69AOy-bLBXgpfeDRYghtJjhCugsQ2tjqU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RXUTdZTzgtWC1JNElZ&google_push=AYg5qPJl2WWptNifIkM-S-OzOJTNWqrK2SWKnGvi-xJk4GlsO1EyNv4mz0FIfrDbdGL69AOy-bLBXgpfeDRYghtJjhCugsQ2tjqU
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B4C
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL9StjR8hHi9I3UdcParRqY&google_cver=1&google_push=AYg5qPKGL4ja7Frw6cx0eVhA...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKGL4ja7Frw6cx0eVhAWRDjJylcDY7qmgW9achWvz4wNbJoJo4KyeRiLqtXbEUwj3_CIDMOi6XyoDYoJNeq22XCLEA8XaazYA&google_hm=

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKGL4ja7Frw6cx0eVhAWRDjJylcDY7qmgW9achWvz4wNbJoJo4KyeRiLqtXbEUwj3_CIDMOi6XyoDYoJNeq22XCLEA8XaazYA&google_hm=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKGL4ja7Frw6cx0eVhAWRDjJylcDY7qmgW9achWvz4wNbJoJo4KyeRiLqtXbEUwj3_CIDMOi6XyoDYoJNeq22XCLEA8XaazYA&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 22 Sep 2021 09:22:08 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6B4C 0
253 B 63ms
16ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IL-RdaAKRun_oCoxI5BZFNqU62xSs11ZoCMqoYdYqdDjB3FvJCF8ISkZwjJ9k0LBk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 9C60 5 KB
5 KB 4ms
4ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=887443219
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 06a1b5afc54f03b03f1ec1d55390a43b7d0bea926033263e0988e33a8db55d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:22:08 GMT
last-modified: Thu, 17 Jun 2021 11:09:56 GMT
server: Apache
accept-ranges: bytes
etag: "13e5-5c4f43f50991d"
content-length: 5093
content-type: application/javascript

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame EBAA 0
150 B 20ms
7ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=23567200065022400951389011726014&a=4704b6ab&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=23567200065022400951389011726014&a=b685c7b7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 09:22:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728
adservice.google.com/ddm/fls/z/ Frame 3479 42 B
262 B 32ms
32ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJuf8dHilPMCFdiDhQod0BQPtA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2499830314467.728?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 28ms
28ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-4070502493653474&su=notes.io&eid=42530887&doc=complete&pg_h=2563&pg_w=1600&pg_hs=2563&c=1&aa_c=2&av_h=190&av_w=1488.641&av_a=282841.719&all_s=595&b=2242&all_b=458&d=0.078&all_d=0.222&ard=0.073&all_ard=0.207&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 09:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPnbcQKD-E5N6ofMpL0vrEA&google_cver=1&google_push=AYg5qPJ56bKrR1f-RReAkWEcxGVCsYUvoscmifh0FhmTfgehHcRcMQI8jJuyO2_nFhXeCCpcjsbJA5oEn0gFJ3ftbAOCiI_q4bc

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
notes.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: bo7hc4v6bqm8iltum3n78l6nlg
.notes.io/	1970-01-20 14:57:40	Name: __utma Value: 225778053.678837858.1632388928.1632388928.1632388928.1
.notes.io/	1969-12-31 23:59:59	Name: __utmc Value: 225778053
.notes.io/	1970-01-20 01:49:16	Name: __utmz Value: 225778053.1632388928.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.notes.io/	1970-01-19 21:26:29	Name: __utmt Value: 1
.notes.io/	1970-01-19 21:26:30	Name: __utmb Value: 225778053.1.10.1632388928
.notes.io/	1970-01-20 06:48:04	Name: __gads Value: ID=6cd3a180b7c31af1-2225373fc1cb00a3:T=1632388928:RT=1632388928:S=ALNI_MZaOPNpKFDM5fRh8scQ96xlL5vEUw
.doubleclick.net/	1970-01-20 06:48:04	Name: IDE Value: AHWqTUktO451ltJzrGU-K-GaYSL5qeY5TwbFppd1hErKD_6F8OxD34E5ymWlL5cEyBs
.mathtag.com/	1970-01-20 06:12:04	Name: uuid Value: 01d3614c-4740-4901-9739-55791b7d5e2c
.retailads.net/	1970-01-19 22:09:40	Name: ppb2172 Value: 887443219
.medialead.de/	1970-01-20 06:12:04	Name: trscj Value: MTYzMjM4ODkyOHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRJek5UWTNNakF3TURZMU1ESXlOREF3T1RVeE16ZzVNREV4TnpJMk1ERTBKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.awin1.com/	1970-01-19 21:36:33	Name: awpv14098 Value: 296283\|1632388928\|b9dc9d40-1c4f-11ec-a1d8-692d067fb68d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519595
.futalis.de/	1970-01-19 22:52:52	Name: raSIDb Value: 887443219
.openx.net/	1970-01-20 06:12:04	Name: i Value: 9c66ece1-9da1-43cf-a71f-f77d42455931\|1632388928
.rlcdn.com/	1970-01-20 06:12:04	Name: rlas3 Value: ahMe8B+MldlO2HDXvWo/0908Kjt/5Mx79Z0Dl4rH8I0=
.rlcdn.com/	1970-01-19 22:52:52	Name: pxrc Value: CMCOsYoGEgUI6AcQABIGCOndKhAA
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vr3ojhwy0qtttke4u3ttbqbv
pb.media01.eu/	1970-01-20 14:57:40	Name: DTU Value: 18738717EE7CFB2D09EB3D54A3F6F390

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad-server.eu
adservice.google.com
adservice.google.de
cdn.retailads.net
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
futalis.de
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900014.redintelligence.net
id.rlcdn.com
medialead.de
notes.io
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
pv.medialead.de
rtb.openx.net
ssl.google-analytics.com
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.awin1.com
www.google.com
www.google.de
www.googletagservices.com
cms.quantserve.com
104.111.239.217
142.250.184.194
142.250.186.134
142.250.186.34
144.76.104.53
145.239.193.130
167.233.14.134
176.9.26.250
185.29.134.245
2.18.233.201
2606:4700:3030::ac43:b188
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c01::9c
2a01:4f8:d0a:2321::2
35.186.253.211
35.244.174.68
54.76.176.197
63.32.201.39
69.173.144.138
79.137.68.187
88.198.250.30
94.23.99.218
02cf170d750fab9d79601308d731314e2f3f04c21576e5eae8daff7a340f7415
06a1b5afc54f03b03f1ec1d55390a43b7d0bea926033263e0988e33a8db55d19
0a895770cc52fa3e5f4a67694a21f9c6eb0809e4b95b769d0d8237c0f424c42f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
158f11817e30926c37f49be07c92f1135b1c01c44da92cdf6f8255a93304b75c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
210ce18fc43f351e1779820524493a298b577ff52fbcf977c89e16c40c6b5174
242ed9a2483dd9ea5f4173423d8a721d1951f2e69d88d53bb6f6da4c3b003468
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b146b35882d4db16b4246ce04fff5bfa97447031834fdc663f8a6b583ef37e
2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3147c480445ad3bf877b6e076da47127603baee9a754095cc854f1a281ca6b2e
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
402cd16e47764a4a19e201e0c8eca17e1d839e2ce52fe41cb40459c0f24f2456
41fb5e4b3f3c89d790b0421abe2100d6f2ca3260040541dcc965a9d376eff7fb
42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e
46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003
4bf98373dae18262ff43206a277346a0cfaa86c5a8c64e0cf6626f07b5d676da
4e283f089181fd30b5b8d51f9e940408990d3fb2064bd1874828e6de157f7d17
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53e69dacf2d972a15757ffbc6d4079e8a0279bdc7b688e48ff1149f32bcaea0f
5551c69f0f42da304b3210b0a5e21fca5deb0233193f13681e165df40dc71592
5729465301094aebe2427a65018ace17101f506768cdf2a407680f3256abe951
57aceb6d03b2c079e742658b4e52b8ecd9ba903302c4c43a661b071941b01c4c
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5a4a108ffde0c1ceec7bed17fdce5bf22f3d047227be1462d3b2c3d306c350a3
5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee
5eb10e85bb1e0525fc9fabeed781f54299ba90f865126b2c1cc03bc2b555a004
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67edf2d69f32c807ae88a671e1965ad53562cfa7b8b29ebc50f26e0bc2856da0
67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
75913336756871c8e107493ce476f32784b526d5431dca6cddd8a9c4eb383006
77958bf68663ac66add06e72ec2e94521f8d709fda64ebe3b8fa60fb22e46b7f
789882a15d9931a084d417b8ee65bfc323cd64013ef79a781aaea66ec07dee2f
7fae6b50113936323d94d1fbefb5ee4ead31e65d395da48706498bb140d0e30d
8cacfa400f8759f593f2f89f7984d412c8a2b68c4066108dd0b9e35ec9d22782
912758be9c0fdf154db151ae14b4ffde683389c208095c2805c8855c83dd07d2
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
98f55ac24900e07eacb9ba779ad017a5120824c93b3b9788ae44d49b395c3542
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7088e69c6d9fa24f40abaed312168d8a3afd889b3ed041e8e9e62b8bdfba708
a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01
afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b448625535a0c7eee84882e8b1b949bb9169993f2af55e42eb8ec05eb7715256
b90953c3a08c054df1002a0fca03d4492ea719aac257f000706550a0a2011b7e
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c8d5f748554f3f4e927125fd743dbaf08baf3fe053c3efdbc1f2ec5e5262f370
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe
d22c4c227d0b2b3cff679a1e1aeae1179c07ec7a4fa090b00f3254da1236accc
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
db07a0f9d2bfd471742e819ccd161fb39a71cf278bf7c8e8e28a874986cf7ed3
db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a
dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699
df720775feafe2fbda5ed706fa3a22baaadb1f49a20089426426ee159dfda16e
e2a4c5485839a50e0816ad04d2805a0cc9d86df4dfbe0989918bde53e2633c00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f724efe4d77a4100d8833d4d404c3070f6c1e65816901518c56673198eeae0
e800029919e3965b487ca63166313e31b835625f51f2da6a80ca49a562d55a59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5eb697ffa5c4ba8a2c5badd8ab713a612934c1e0e54f57e082b3ba736a83f51
f6e484f1b07fd3566bfb2658ea05dd17e8f5e14da9a52f83050bba45431ebb49
fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4

notes.io Open in urlscan Pro 2606:4700:3030::ac43:b188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

99 %HTTPS

42 %IPv6

23 Domains

32 Subdomains

24 IPs

6 Countries

629 kBTransfer

1195 kBSize

19 Cookies

3 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

notes.io Open in urlscan Pro
2606:4700:3030::ac43:b188 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

99 %
HTTPS

42 %
IPv6

23
Domains

32
Subdomains

24
IPs

6
Countries

629 kB
Transfer

1195 kB
Size

19
Cookies

92 HTTP transactions
1 data transactions