urlscan.io logo urlscan.io
SecurityTrails logo

privnote.com Open in urlscan Pro
2606:4700:10::ac43:186f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://privnote.com/WxATtre5#Whbnir69S
Effective URL: https://privnote.com/hidden
Submission: On October 05 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 54 HTTP transactions. The main IP is 2606:4700:10::ac43:186f, located in United States and belongs to CLOUDFLARENET, US. The main domain is privnote.com. The Cisco Umbrella rank of the primary domain is 629264.
TLS certificate: Issued by DigiCert EV RSA CA G2 on March 8th 2024. Valid for: a year.
This is the only time privnote.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:10:... 13335 (CLOUDFLAR...)
3 46.8.152.14 213119 (ALZ-SOFTW...)
20 95.211.66.34 60781 (LEASEWEB-...)
4 172.217.23.98 15169 (GOOGLE)
2 216.58.206.66 15169 (GOOGLE)
3 13.224.186.120 16509 (AMAZON-02)
1 18.245.31.65 16509 (AMAZON-02)
1 184.30.211.26 16625 (AKAMAI-AS)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
54 14
15    2606:4700:10::ac43:186f (United States)

ASN13335 (CLOUDFLARENET, US)
privnote.com
3    46.8.152.14 (London, United Kingdom)

ASN213119 (ALZ-SOFTWARE-AS, GB)
clickiocmp.com
cdn.clickiocdn.com
20    95.211.66.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
s.clickiocdn.com
up.clickiocdn.com
clickiocdn.com
4    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
pagead2.googlesyndication.com
2    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net
securepubads.g.doubleclick.net
3    13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
Apex Domain
Subdomains		 Transfer
21 clickiocdn.com
s.clickiocdn.com — Cisco Umbrella Rank: 48262
up.clickiocdn.com — Cisco Umbrella Rank: 49835
clickiocdn.com — Cisco Umbrella Rank: 39026
cdn.clickiocdn.com — Cisco Umbrella Rank: 224020
361 KB
15 privnote.com
privnote.com — Cisco Umbrella Rank: 629264
30 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
86 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
219 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1450
a.ad.gt — Cisco Umbrella Rank: 1552
5 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
182 KB
2 clickiocmp.com
clickiocmp.com — Cisco Umbrella Rank: 60950
80 KB
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 994
29 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1601
12 KB
1 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1011
13 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096
17 KB
54 11
Domain Requested by
15 up.clickiocdn.com privnote.com
s.clickiocdn.com
15 privnote.com 1 redirects privnote.com
4 pagead2.googlesyndication.com privnote.com
pagead2.googlesyndication.com
3 clickiocdn.com s.clickiocdn.com
3 c.amazon-adsystem.com s.clickiocdn.com
c.amazon-adsystem.com
2 id.hadron.ad.gt cdn.hadronid.net
2 securepubads.g.doubleclick.net s.clickiocdn.com
securepubads.g.doubleclick.net
2 s.clickiocdn.com privnote.com
clickiocmp.com
2 clickiocmp.com privnote.com
1 a.ad.gt cdn.hadronid.net
1 cdn.id5-sync.com privnote.com
1 cdn.hadronid.net privnote.com
1 tags.crwdcntrl.net privnote.com
1 secure.cdn.fastclick.net privnote.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.clickiocdn.com clickiocmp.com
54 16

This site contains links to these domains. Also see Links.

Domain
blog.privnote.com
www.ikatu.us
clickio.com
Subject Issuer Validity Valid
privnote.com
DigiCert EV RSA CA G2		 2024-03-08 -
2025-04-08		 a year crt.sh
*.clickiocmp.com
E6		 2024-09-16 -
2024-12-15		 3 months crt.sh
s.clickiocdn.com
E5		 2024-09-24 -
2024-12-23		 3 months crt.sh
*.clickiocdn.com
E5		 2024-07-11 -
2024-10-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
adlmerge.com
E6		 2024-08-16 -
2024-11-14		 3 months crt.sh
*.clickio.com
E5		 2024-07-11 -
2024-10-09		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
hadronid.net
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
id5-sync.com
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
id.hadron.ad.gt
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
a.ad.gt
WE1		 2024-08-07 -
2024-11-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://privnote.com/hidden
Frame ID: 491648E48664FCB0CBA9FC90A71477E0
Requests: 52 HTTP requests in this frame

Frame: https://privnote.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 7A61678C187A603D00FDFCD574522587
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Privnote - Sende Nachrichten, die sich selbst zerstören, nachdem sie gelesen wurden

Page URL History Show full URLs

  1. https://privnote.com/WxATtre5 Page URL
  2. https://privnote.com/hidden Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

54
Requests

98 %
HTTPS

38 %
IPv6

11
Domains

16
Subdomains

14
IPs

4
Countries

1032 kB
Transfer

3471 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://privnote.com/WxATtre5 Page URL
  2. https://privnote.com/hidden Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://privnote.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://privnote.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
WxATtre5
privnote.com/ 		1 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://privnote.com/WxATtre5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effdb71a0c1bd1c9bedfd71f8819c04cb7fa4140e7e775e70f4ae85a3b6c369d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8cdc0005bdf99201-FRA
content-encoding
br
content-type
text/html
date
Sat, 05 Oct 2024 08:21:46 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-profile-time-elapsed
0.000546932220459
Primary Request hidden
privnote.com/ 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privnote.com/hidden
Requested by
Host: privnote.com
URL: https://privnote.com/WxATtre5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98b453de55ddce45240888d8d7180f2c000d3653c80b0213723fa90fa4db86a

Request headers

Referer
https://privnote.com/WxATtre5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
8cdc0006be7f9201-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 05 Oct 2024 08:21:46 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-profile-time-elapsed
0.0044960975647
gibberish-aes.js
privnote.com/static-58c8928/js-min/lib/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/js-min/lib/gibberish-aes.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb54040a037d6d730f498160c7f016f6c37a344025b7d198e5f3a3cfd34f942b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"382b-56d006f94bec0-gzip"
age
1519675
cf-ray
8cdc00075f329201-FRA
expires
Wed, 17 Sep 2025 18:16:48 GMT
accept-ranges
bytes
content-length
5109
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
TextEncoderLite.js
privnote.com/static-58c8928/js-min/lib/ 		2 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/js-min/lib/TextEncoderLite.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c7994493b22e917a000077d61321c351cbb1c2ae020523227a083c6fb749cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"7d1-56d006f94bec0-gzip"
age
1519675
cf-ray
8cdc00075f399201-FRA
expires
Wed, 17 Sep 2025 18:13:55 GMT
accept-ranges
bytes
content-length
757
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
b64.js
privnote.com/static-58c8928/js-min/lib/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/js-min/lib/b64.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36dce7ea0fd92d4746d0acbd131b7c9ab1fe2e6c04e7c1f719653073213caef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"935-56d006f94bec0-gzip"
age
1519675
cf-ray
8cdc00075f3e9201-FRA
expires
Wed, 17 Sep 2025 18:13:55 GMT
accept-ranges
bytes
content-length
956
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
promise.js
privnote.com/static-58c8928/js-min/lib/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/js-min/lib/promise.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6986df3f8ba7ce00fb51b30b9fff84447f0fd6b874c354b95178bfbeb89d3a64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"ae0-56d006f94bec0-gzip"
age
1519675
cf-ray
8cdc00075f429201-FRA
expires
Wed, 17 Sep 2025 18:13:55 GMT
accept-ranges
bytes
content-length
1150
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
common.js
privnote.com/static-58c8928/js-min/ 		2 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/js-min/common.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f39bb5d66e42789ff6d3ab8a785652d537557b1d19ffd4215eb791853af9059

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"80c-56d006f94bec0-gzip"
age
1519675
cf-ray
8cdc00075f469201-FRA
expires
Wed, 17 Sep 2025 18:16:48 GMT
accept-ranges
bytes
content-length
867
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
legacy.js
privnote.com/static-58c8928/js-min/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/js-min/legacy.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4563e463b2eab04ad204aaa40aa211779fc9ede9e6f77353fe26d3cae31d75fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"4d54-601cc721b494c-gzip"
age
1519675
cf-ray
8cdc00075f4a9201-FRA
expires
Wed, 17 Sep 2025 18:13:55 GMT
accept-ranges
bytes
content-length
4352
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript
last-modified
Mon, 31 Jul 2023 18:17:39 GMT
vary
Accept-Encoding
server
cloudflare
legacy.css
privnote.com/static-58c8928/style/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/style/legacy.css
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0322b629b928912687cc9bc4b47d57e136bb93690f789b77a0032b0b6bad54e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"2f7a-56d006f94bec0-gzip"
age
1519675
cf-ray
8cdc00075f2c9201-FRA
expires
Wed, 17 Sep 2025 18:16:48 GMT
accept-ranges
bytes
content-length
2827
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
text/css
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
consent_230182.js
clickiocmp.com/t/ 		226 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocmp.com/t/consent_230182.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
46.8.152.14 London, United Kingdom, ASN213119 (ALZ-SOFTWARE-AS, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
6d09bd2bf2ff7721fb6bb4ddd4afdc7a04a25b9733ce8f98e2226fa8cc135b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
iseu
eu
cache-control
max-age=60
content-encoding
gzip
etag
W/"66e981bc-3890c"
expires
Sat, 05 Oct 2024 08:22:46 GMT
access-control-allow-origin
*
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Sep 2024 13:18:52 GMT
server
nginx/1.24.0
360_light.js
s.clickiocdn.com/t/230182/ 		619 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.clickiocdn.com/t/230182/360_light.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
8f23d27d5cb0465a0f9a754d452967f48d06953fa6f24ba1850750cad8432b8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
max-age=1800
content-encoding
gzip
expires
Sat, 05 Oct 2024 08:51:46 GMT
access-control-allow-origin
*
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript; charset=utf-8
server
nginx/1.20.1
privnote-logo.svg
privnote.com/static-58c8928/style/legacy/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privnote.com/static-58c8928/style/legacy/privnote-logo.svg
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3d754c1ba91e12e0963459cddb7fa732ae159886bddc5402abab5f6788cd1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"d38-56d006f94bec0-gzip"
age
1519675
cf-ray
8cdc00075f4d9201-FRA
expires
Wed, 17 Sep 2025 18:16:48 GMT
accept-ranges
bytes
content-length
1613
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
image/svg+xml
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
email-decode.min.js
privnote.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66fc0c28-4d7"
x-content-type-options
nosniff
cf-ray
8cdc00075f559201-FRA
expires
Mon, 07 Oct 2024 08:21:46 GMT
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 14:50:16 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
truncated
/ 		130 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6863c2ea0567d703d0e3acad82bd814247a01d1a02d032cc33351221a0e3920

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
main.js
privnote.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 7A61
Redirect Chain
  • https://privnote.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://privnote.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privnote.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca6e61cb4157a23d85509c3c251524c7c35a9eee98004f8b41f0bdce22c25d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8cdc0008a81d9201-FRA
date
Sat, 05 Oct 2024 08:21:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
cf-ray
8cdc00086ff59201-FRA
access-control-allow-origin
*
content-length
0
date
Sat, 05 Oct 2024 08:21:46 GMT
vary
Accept-Encoding
server
cloudflare
8cdc0006be7f9201
privnote.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7A61 		0
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privnote.com/cdn-cgi/challenge-platform/h/g/jsd/r/8cdc0006be7f9201
Requested by
Host: privnote.com
URL: https://privnote.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8cdc0009d8c79201-FRA
content-length
0
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
/
up.clickiocdn.com/consent/log/ 		42 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/consent/log/?r=650716656&site_id=230182&version=1692267057&csid=4889&stv=3&tcf2=1&uid=17281165071652300&state=21
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
no-cache
x-pixel-host
amn-ams-5-4
access-control-allow-origin
*
content-length
42
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
image/gif
server
nginx/1.20.1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5092778170626405
Requested by
Host: privnote.com
URL: https://privnote.com/WxATtre5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
a041dbde7b03804e942e8bfe0afa4b608cb17728723ac91c03e92d9891eaa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://privnote.com
Referer
https://privnote.com/

Response headers

content-encoding
br
etag
3373094453932178392
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 08:21:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52581
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
e32d8f9a2875bf64ed0d3450b980dfd146aa28075b8ccd82d91c420187397915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

content-encoding
br
etag
289 / 20001 / m202410010101 / config-hash: 16398384345169165167
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 08:21:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33209
x-xss-protection
0
server
cafe
apstag.js
c.amazon-adsystem.com/aax2/ 		324 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f2dd6786b4537f2bb6a3e22886b855f2"
age
3599
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tqezTgZg5KOMR4qGUFlx2zi-1fkfTa4IMH3pYxHYC2H4UKPbYPqXTg==
date
Sat, 05 Oct 2024 07:21:49 GMT
content-type
application/javascript
last-modified
Wed, 28 Aug 2024 22:46:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
x-amz-server-side-encryption
AES256
/
up.clickiocdn.com/hbadx/ 		46 B
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_34e2xyxqe886zu4b&rt=650719622&site_id=230182&title=Privnote%20-%20Sende%20Nachrichten%2C%20die%20sich%20selbst%20zerst%C3%B6ren%2C%20nachdem%20sie%20gelesen%20wurden&r=https%3A%2F%2Fprivnote.com%2FWxATtre5&l=https%3A%2F%2Fprivnote.com%2Fhidden%23
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
004cd8064e9e734c98f804f06b867f6b520c1694c16596576bd3c28f45f57b2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
clickiocdn.com/utr/wv/ 		42 B
208 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2Fhidden&eid=230182&wh=1600x1200&rnd=65071750019&lid=0&tid=0&cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
no-cache
x-error
limit exceeded
access-control-allow-origin
https://privnote.com
content-length
42
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
image/gif
x-error-host
mnams02
server
nginx/1.20.1
/
clickiocdn.com/utr/wv/ 		42 B
212 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2Fhidden&eid=230182&wh=1600x1200&rnd=65071750019&lid=0&tid=0&fcp_green=276.100&fcp_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
no-cache
x-error
limit exceeded
access-control-allow-origin
https://privnote.com
content-length
42
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
image/gif
x-error-host
amn-ams-5-7
server
nginx/1.20.1
vendor-list.json
cdn.clickiocdn.com/t/cmp/v3/ 		638 KB
107 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.clickiocdn.com/t/cmp/v3/vendor-list.json
Requested by
Host: clickiocmp.com
URL: https://clickiocmp.com/t/consent_230182.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
46.8.152.14 London, United Kingdom, ASN213119 (ALZ-SOFTWARE-AS, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
d37285279dbcb887db2ffcf46e9ed4dc019de0e31600965bdb727ea460988f2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
max-age=1800
content-encoding
gzip
etag
W/"66ff4d50-9f843"
expires
Sat, 05 Oct 2024 08:51:47 GMT
access-control-allow-origin
*
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/json
last-modified
Fri, 04 Oct 2024 02:05:04 GMT
server
nginx/1.24.0
logo_65ad2c5dbc38232f32205715c3fecbc3.png
clickiocmp.com/t/cmp/logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clickiocmp.com/t/cmp/logos/logo_65ad2c5dbc38232f32205715c3fecbc3.png
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
46.8.152.14 London, United Kingdom, ASN213119 (ALZ-SOFTWARE-AS, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
d87a273d6cc917fc7878dc700937a611505a0572870be34cbe49b3ff0189e81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
iseu
eu
cache-control
max-age=1800
etag
"646d9467-263b"
expires
Sat, 05 Oct 2024 08:51:47 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9787
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
image/png
last-modified
Wed, 24 May 2023 04:36:55 GMT
server
nginx/1.24.0
/
up.clickiocdn.com/consent/log/ 		42 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/consent/log/?r=650728606&site_id=230182&version=1692267057&csid=4889&stv=3&tcf2=1&uid=17281165071652300&state=2&vcnt=181
Requested by
Host: privnote.com
URL: https://privnote.com/hidden
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
no-cache
x-pixel-host
amn-ams-5-3
access-control-allow-origin
*
content-length
42
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
image/gif
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=0&ses_id=mufqzh0lm88boa2650717931&area_id=708061&type=base&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730551
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
9c9baab93ea86f28f5239b8a4e3b91b1a3ce3f0d32d6bb90734cb87b16f2cf33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=0&ses_id=mufqzh0lm88boa2650717931&area_id=708067&type=base&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730598
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
9a6f1611c54de8f2dcf660cc8725a86b253f2f398721b578181d8e5d7acea39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=0&ses_id=mufqzh0lm88boa2650717931&area_id=719872&type=base&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730510
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
d4b235fe0c241bc98351e64aebae164dcb7d1c282c071c6f1c7d67bd89a1354d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=0&ses_id=mufqzh0lm88boa2650717931&area_id=720020&type=base&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730601
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
4204cd9b61840fab62e9e87b2dc502a1a21195d53fea4c6a796d2395fed77da9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=1&ses_id=mufqzh0lm88boa2650717931&area_id=708094&type=dfp&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730635
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
28a88af548181593f04c420b008c7fbdf0e5837f4b636e04a812b7714fad1549

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=1&ses_id=mufqzh0lm88boa2650717931&area_id=708098&type=dfp&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730625
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ce9b311af96e45ca2b5c24a62aa39330402b329f0f02a86148a175a442f28ee2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=1&ses_id=mufqzh0lm88boa2650717931&area_id=719886&type=dfp&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730670
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ceed33f3f4a341f0c3efee54befc0e88c9d408f7dd2cc737182896a31cd6c290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/clickiotag_log/ 		83 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/clickiotag_log/?step=1&ses_id=mufqzh0lm88boa2650717931&area_id=725187&type=dfp&f=__lxG__.tmp.rot_xuhlleflyoolnppq&rt=650730659
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
87640dcd3270044c06909ec3d85f4a3d692445fbac9684af2bbb25aba392ae42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/x-javascript; charset=utf-8
server
nginx/1.20.1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410010101/ 		482 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
3f799ff70a067cdb0d1110d608f80bae49955473be53048209b3e20321834d3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

content-encoding
br
etag
16592206555246158576
age
57858
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 16:17:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 04 Oct 2024 16:17:29 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
153017
x-xss-protection
0
server
cafe
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5092778170626405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
fd4f48b08ad4635b2b4dd60129d1c1dfce6e536da8d1f30d3c5e769bcd6ebff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

content-encoding
br
etag
17712640921274326956
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 08:21:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31870
x-xss-protection
0
server
cafe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ 		409 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5092778170626405&plah=privnote.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5092778170626405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
798871b1a2a5b0e0cb1b571b0dfc5adc8a9a2fb7a9c3f432d6c4725713017e48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

content-encoding
br
etag
14064456548766177894
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 08:21:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
139514
x-xss-protection
0
server
cafe
04013c9e-1356-42d0-86b7-40a716af3f50
config.aps.amazon-adsystem.com/configs/ 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/04013c9e-1356-42d0-86b7-40a716af3f50
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-65.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
295d4cdc21f9c554cd1590228d052ae0cac52b64331064439b110d9590d15c5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

cache-control
max-age=3600
age
3034
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
RftFKrhd0SOawIdPCl7umDdxndkHreo6RL4sT9DuCFlX4B9LqLiaPQ==
date
Sat, 05 Oct 2024 07:31:13 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fprivnote.com&pubid=04013c9e-1356-42d0-86b7-40a716af3f50
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
Server /
Resource Hash
ce0027ff84e10e870bff58318b77656fe75c2b7fdf68c34f4ae8b5079f088c5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
9479
access-control-allow-credentials
true
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
access-control-allow-origin
https://privnote.com
x-cache
Hit from cloudfront
content-length
2198
x-amz-cf-id
2ChfnWzyhTVjuc7-r9Q3XXHLqpNrwWVtA_vwqgQU8Sii7kosUMGFPg==
date
Sat, 05 Oct 2024 05:43:48 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA2-C1
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
20570
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
AhuBqeSiHYyjbIqz6jbUxamut193-br8WKaJNqI6nzE-DacAlGKH7w==
date
Sat, 05 Oct 2024 02:38:58 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: privnote.com
URL: https://privnote.com/WxATtre5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Sat, 05 Oct 2024 08:36:47 GMT
accept-ranges
bytes
content-length
17407
date
Sat, 05 Oct 2024 08:21:47 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: privnote.com
URL: https://privnote.com/WxATtre5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6016bf24a16f4d1d8384c5f7f11c49fb"
age
18065
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
TJLAG66pyDBJ2VrnoIpryw2zwttksOU84eAyHv01Bl1Faz6tf9Gk2Q==
date
Sat, 05 Oct 2024 03:20:43 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fprivnote.com%2Fhidden%23&ref=https%3A%2F%2Fprivnote.com%2FWxATtre5&_it=amazon&partner_id=750
Requested by
Host: privnote.com
URL: https://privnote.com/WxATtre5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

cache-control
max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
1835
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
cf-ray
8cdc000c9ee1dc56-FRA
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: privnote.com
URL: https://privnote.com/WxATtre5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

x-amz-id-2
+pZfpxVKFVNLKF04V9dzGbAqCr46k8hx4gQV4ptAvB01smzfaTLR2QcmkmOP9lAqTbLFW3fcCY03d5GEeN2ATg==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"f24286e1b73c01841e789906d50ce23f"
age
151
x-amz-request-id
P4W1ZATW5ZXP2K48
cf-ray
8cdc000c9d1b9143-FRA
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
google-vendor-list.json
s.clickiocdn.com/t/cmp/v3/ 		54 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clickiocdn.com/t/cmp/v3/google-vendor-list.json
Requested by
Host: clickiocmp.com
URL: https://clickiocmp.com/t/consent_230182.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
24ab74d15e26c3b92fd0803df20eea7fbce01d5a4df591e2a6237be5e2f3c4f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
max-age=1800
content-encoding
gzip
etag
W/"67009ed0-d706"
expires
Sat, 05 Oct 2024 08:51:47 GMT
access-control-allow-origin
*
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
application/json
last-modified
Sat, 05 Oct 2024 02:05:04 GMT
server
nginx/1.20.1
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=750&sync=0&domain=privnote.com&url=https://privnote.com/hidden
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://privnote.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8cdc000e2fe0dca0-FRA
content-length
0
content-type
application/json
date
Sat, 05 Oct 2024 08:21:47 GMT
debug
OPTIONS block
expires
Sun, 05 Oct 2025 08:21:47 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		122 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=750&sync=0&domain=privnote.com&url=https://privnote.com/hidden
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fprivnote.com%2Fhidden%23&ref=https%3A%2F%2Fprivnote.com%2FWxATtre5&_it=amazon&partner_id=750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18038d3fc82f6c415f7a664e7f7985b17414ddc776a0aeceac88ea148ddc3ad1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://privnote.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8cdc000efa41dca0-FRA
access-control-allow-origin
*
date
Sat, 05 Oct 2024 08:21:48 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
authorization,content-type
/
clickiocdn.com/utr/wv/ 		42 B
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2Fhidden&eid=230182&wh=1600x1200&rnd=65071750019&lid=0&tid=0&ttfb_green=89.700&ttfb_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
cache-control
no-cache
x-error
limit exceeded
access-control-allow-origin
https://privnote.com
content-length
42
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
image/gif
x-error-host
amn-ams-5-7
server
nginx/1.20.1
favicon.ico
privnote.com/static-58c8928/icon/ 		5 KB
976 B 		Other
General
Check archive.org
Download Go to
Full URL
https://privnote.com/static-58c8928/icon/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:186f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b41efba844b0c019854e1f022e3fddb777d4a62365e00f113d721e0b3e6656d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/hidden

Response headers

cache-control
max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"1536-56d006f94bec0"
age
1519055
cf-ray
8cdc000d8aa69201-FRA
expires
Wed, 17 Sep 2025 18:14:09 GMT
date
Sat, 05 Oct 2024 08:21:47 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 25 May 2018 04:45:23 GMT
vary
Accept-Encoding
server
cloudflare
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5092778170626405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://privnote.com/

Response headers
750
a.ad.gt/api/v1/u/matches/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/750?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fprivnote.com%2Fhidden%23&ref=https%3A%2F%2Fprivnote.com%2FWxATtre5&_it=amazon&partner_id=750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dd931d3d98337da88e468f219ffc8269bb4fcabe86064224adc46af4874851

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
245
cross-origin-resource-policy
cross-origin
cf-ray
8cdc00108b85913a-FRA
date
Sat, 05 Oct 2024 08:21:48 GMT
content-type
application/javascript
last-modified
Sat, 05 Oct 2024 08:17:19 GMT
vary
Accept-Encoding
server
cloudflare
/
up.clickiocdn.com/utr/logst_st/c2lkPX4yMzAxODImYWN0PTM2MGx+Y21uMzYwfnB2fnNfY2RuXzEmdXJsPX5wcml2bm90ZS5jb20mdmNudD00Jl9mPV9fbHhHX18udG1wLmxvZ3N0X2R2YnFseTJ5OXNlZjA2a3o/ 		38 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/utr/logst_st/c2lkPX4yMzAxODImYWN0PTM2MGx+Y21uMzYwfnB2fnNfY2RuXzEmdXJsPX5wcml2bm90ZS5jb20mdmNudD00Jl9mPV9fbHhHX18udG1wLmxvZ3N0X2R2YnFseTJ5OXNlZjA2a3o/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
a0cbbf230dddfaa6bca4701d0489a6b2a0663754df9ff289282c3f6d85529a19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:48 GMT
content-type
application/javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/utr/logst_sa/c2FpZD03MjAxMzV+NzIwMTM0fjcyODE1NH43MDc5MjZ+NzE5OTEzfjcwODA2M343MDgwODR+NzE5ODc0fjcxOTg4MX43MjY0OTd+NzE5ODc4fjcxOTg4NX43MTk4ODR+NzIwMDIyfjcyMDAyMX43MjUxODF+NzI4MTUzfj... 		38 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/utr/logst_sa/c2FpZD03MjAxMzV+NzIwMTM0fjcyODE1NH43MDc5MjZ+NzE5OTEzfjcwODA2M343MDgwODR+NzE5ODc0fjcxOTg4MX43MjY0OTd+NzE5ODc4fjcxOTg4NX43MTk4ODR+NzIwMDIyfjcyMDAyMX43MjUxODF+NzI4MTUzfjcxOTg3Mn43MDgwNjF+NzA4MDY3fjcwODA5Mn43MDgwODh+NzA4MDk0fjcwODA5OH43MDgwNjEmc3NpZD1+MSZhY3Q9ZGJnX25vdF9uYmx+LX4tfmRldl90YXJnX3JlbX4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX4tfmZuZF9vbl9wZ34tfi1+cnRyX3Zhcl9jaHNufi1+LX4tfnRnbF9zXzAmcGx0Zj1+MCZ1cmw9fnByaXZub3RlLmNvbSZ2Y250PTI1Jl9mPV9fbHhHX18udG1wLmxvZ3N0X2QyZmhiNjRzdjRlY2lwb20/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
c52540d8f13cfd44a2019d8634c89864536fba842ce4681b8a3f4659bf10f4f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:48 GMT
content-type
application/javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/utr/logst_sa/c2FpZD03MDgwOTh+NzE5ODg2fjcyODE5MX43MjUxODd+NzA4MDk0fjcwODA5OH43MTk4ODZ+NzI1MTg3fjcwODA5NH4tfjcwODA5OH43MjUxODd+NzE5ODg2fjcwODA2N343MTk4NzJ+NzIwMDIwfjcwODA5NH43MDgwOT... 		38 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://up.clickiocdn.com/utr/logst_sa/c2FpZD03MDgwOTh+NzE5ODg2fjcyODE5MX43MjUxODd+NzA4MDk0fjcwODA5OH43MTk4ODZ+NzI1MTg3fjcwODA5NH4tfjcwODA5OH43MjUxODd+NzE5ODg2fjcwODA2N343MTk4NzJ+NzIwMDIwfjcwODA5NH43MDgwOTh+NzE5ODg2fjcyNTE4NyZzc2lkPTF+LX4tfi1+LX4tfi1+LX4tfjJ+MX4tfi1+LX4tfi1+LX4tfi1+LSZhY3Q9aHNfY2Jfc2h3fnJ0cl92YXJfY2hzbn4tfi1+cnRyX3Zhcl9pbnN0YWxsfi1+LX4tfnNsb3RfaW5fcGd+LX4tfi1+LX50Z2xfc18wfi1+LX50Z2xfc18xX2RmcH4tfi1+LSZwbHRmPX4wJnVybD1+cHJpdm5vdGUuY29tJnZjbnQ9MjAmX2Y9X19seEdfXy50bXAubG9nc3RfamxxZ2o0d3J0YzZycmR2dg/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/230182/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
41aa081e2b60648ce14a3db2888b609c82388327acf1556a7960908a9162582e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
date
Sat, 05 Oct 2024 08:21:48 GMT
content-type
application/javascript; charset=utf-8
server
nginx/1.20.1
/
up.clickiocdn.com/utr/scmps2/ 		42 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/utr/scmps2/?rt=651020071&cmp=63&api=2&tcfv=5&tcfvlv=-1&sid=230182&req=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://privnote.com/

Response headers

iseu
eu
access-control-allow-origin
*
cache-control
no-cache
content-length
42
date
Sat, 05 Oct 2024 08:21:50 GMT
content-type
image/gif
server
nginx/1.20.1

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| GibberishAES function| TextEncoderLite function| TextDecoderLite string| lookup object| base64js object| promise object| common object| notes function| $ object| i18n_tpl object| adsbygoogle object| consentCallbackQueue object| __lxGc__ object| __lxG__ object| __lxG__consent__ object| googletag object| dataLayer function| gtag object| __lxGr__ object| __lxGp__ object| __lxG230182__ object| webVitals boolean| webVitalsLibConnected object| __ClickioDataInsights__ object| pbjs object| lxpbjsdfp object| apstag object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 function| ha function| __tcfapi function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl object| googPageScrollPreventerInfo function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_B object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a object| hadron boolean| __halo_loaded__ object| __id5_finalization_registry object| ID5 object| PublisherCommonId object| au

3 Cookies

Domain/Path Name / Value
.privnote.com/ Name: __cf_bm
Value: _tOCj2Xph3cX7Hr1UuYvqtd51rRaQYKxMIWhjyKfUCU-1728116506-1.0.1.1-3Yke16Ic4bnzPdSJI.Hi2RUDjSUn3Fb6fmV0WwMDaU_l885x7I2hNk5NuQNqRvRJzwwQrqg7P7xapwDEvKWk3A
.privnote.com/ Name: cf_clearance
Value: VwEto10bMyCR4fXv0sY8TYNCMkObqHk0kSmAY0Gd53k-1728116507-1.2.1.1-U74MGpA9XYfkvkOR_.74KTswbQdLRo8LIwYlNV3SeLsjUSCgqhVqyaSn6ZCS9i6qQ3OStgeWCnEBALhkxbtyzVCBGEeRCcAQNRf7pOcivL30ipdwQeaaKEo9ki4hn0Kfm53pZNgyfTOaOCZM7FB5BmUPAGd.hZzPxfLHlyHBaYh4cuKhX0WGwCaL5t4GPvGG4n1.FUULH6zZlyZDQfBxDpMmX8s7gEnB0Ud70Gz9tD4MWdRRyw_lV.P4Awf6_q9_XjAAq63pKcez.uEze8ghhCNv2sjM7RuKPj159d4Qna_QTMyfas5DlVCRxHzqQvOyiK35vtqJ9lkqg.GljwQ82czTL3qkRYSTVIcqPn4GdJ55MGQBNGXxF0OdylSWLlRj
.ad.gt/ Name: au_3p_check
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
c.amazon-adsystem.com
cdn.clickiocdn.com
cdn.hadronid.net
cdn.id5-sync.com
clickiocdn.com
clickiocmp.com
config.aps.amazon-adsystem.com
id.hadron.ad.gt
pagead2.googlesyndication.com
privnote.com
s.clickiocdn.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tags.crwdcntrl.net
up.clickiocdn.com
13.224.186.120
172.217.23.98
18.245.31.65
184.30.211.26
216.58.206.66
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:186f
2606:4700:10::ac43:266a
46.8.152.14
65.9.66.68
95.211.66.34
004cd8064e9e734c98f804f06b867f6b520c1694c16596576bd3c28f45f57b2e
0322b629b928912687cc9bc4b47d57e136bb93690f789b77a0032b0b6bad54e9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
18038d3fc82f6c415f7a664e7f7985b17414ddc776a0aeceac88ea148ddc3ad1
24ab74d15e26c3b92fd0803df20eea7fbce01d5a4df591e2a6237be5e2f3c4f8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28a88af548181593f04c420b008c7fbdf0e5837f4b636e04a812b7714fad1549
295d4cdc21f9c554cd1590228d052ae0cac52b64331064439b110d9590d15c5d
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2c3d754c1ba91e12e0963459cddb7fa732ae159886bddc5402abab5f6788cd1c
36dce7ea0fd92d4746d0acbd131b7c9ab1fe2e6c04e7c1f719653073213caef7
3f799ff70a067cdb0d1110d608f80bae49955473be53048209b3e20321834d3b
41aa081e2b60648ce14a3db2888b609c82388327acf1556a7960908a9162582e
4204cd9b61840fab62e9e87b2dc502a1a21195d53fea4c6a796d2395fed77da9
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4563e463b2eab04ad204aaa40aa211779fc9ede9e6f77353fe26d3cae31d75fa
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
6986df3f8ba7ce00fb51b30b9fff84447f0fd6b874c354b95178bfbeb89d3a64
6ca6e61cb4157a23d85509c3c251524c7c35a9eee98004f8b41f0bdce22c25d6
6d09bd2bf2ff7721fb6bb4ddd4afdc7a04a25b9733ce8f98e2226fa8cc135b11
6f39bb5d66e42789ff6d3ab8a785652d537557b1d19ffd4215eb791853af9059
798871b1a2a5b0e0cb1b571b0dfc5adc8a9a2fb7a9c3f432d6c4725713017e48
87640dcd3270044c06909ec3d85f4a3d692445fbac9684af2bbb25aba392ae42
8f23d27d5cb0465a0f9a754d452967f48d06953fa6f24ba1850750cad8432b8e
9a6f1611c54de8f2dcf660cc8725a86b253f2f398721b578181d8e5d7acea39d
9b41efba844b0c019854e1f022e3fddb777d4a62365e00f113d721e0b3e6656d
9c9baab93ea86f28f5239b8a4e3b91b1a3ce3f0d32d6bb90734cb87b16f2cf33
a041dbde7b03804e942e8bfe0afa4b608cb17728723ac91c03e92d9891eaa511
a0cbbf230dddfaa6bca4701d0489a6b2a0663754df9ff289282c3f6d85529a19
bb54040a037d6d730f498160c7f016f6c37a344025b7d198e5f3a3cfd34f942b
c52540d8f13cfd44a2019d8634c89864536fba842ce4681b8a3f4659bf10f4f1
c5fdea6bcb7b7dc4aabe9e409df609b922dde30401ccf5c25f0f384f7e8c43b5
c6863c2ea0567d703d0e3acad82bd814247a01d1a02d032cc33351221a0e3920
ce0027ff84e10e870bff58318b77656fe75c2b7fdf68c34f4ae8b5079f088c5a
ce9b311af96e45ca2b5c24a62aa39330402b329f0f02a86148a175a442f28ee2
ceed33f3f4a341f0c3efee54befc0e88c9d408f7dd2cc737182896a31cd6c290
d37285279dbcb887db2ffcf46e9ed4dc019de0e31600965bdb727ea460988f2d
d4b235fe0c241bc98351e64aebae164dcb7d1c282c071c6f1c7d67bd89a1354d
d5dd931d3d98337da88e468f219ffc8269bb4fcabe86064224adc46af4874851
d87a273d6cc917fc7878dc700937a611505a0572870be34cbe49b3ff0189e81a
e32d8f9a2875bf64ed0d3450b980dfd146aa28075b8ccd82d91c420187397915
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c7994493b22e917a000077d61321c351cbb1c2ae020523227a083c6fb749cc
e98b453de55ddce45240888d8d7180f2c000d3653c80b0213723fa90fa4db86a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effdb71a0c1bd1c9bedfd71f8819c04cb7fa4140e7e775e70f4ae85a3b6c369d
fd4f48b08ad4635b2b4dd60129d1c1dfce6e536da8d1f30d3c5e769bcd6ebff0