urlscan.io logo urlscan.io
SecurityTrails logo

note1s.com Open in urlscan Pro
151.139.128.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://note1s.com/notes/23WTJ5
Effective URL: https://note1s.com/notes/23WTJ5
Submission: On September 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 41 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is note1s.com.
TLS certificate: Issued by R3 on September 3rd 2022. Valid for: 3 months.
This is the only time note1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
note1s.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2600:9000:206e:800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
ssp.web1s.com
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700:20::681a:51a (United States)

ASN13335 (CLOUDFLARENET, US)
fstatic.netpub.media
1    199.232.16.193 (Vienna, Austria)

ASN54113 (FASTLY, US)
i.imgur.com
1    2600:9000:2304:4e00:3:a4cd:8380:93a1 (United States)

ASN- ()
test.quantcast.mgr.consensu.org
1    18.184.40.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-40-219.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
11 note1s.com
note1s.com
174 KB
6 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2806
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9953
audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 21407
281 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
40 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
164 KB
3 netpub.media
fstatic.netpub.media — Cisco Umbrella Rank: 210573
100 KB
3 gstatic.com
fonts.gstatic.com
31 KB
3 web1s.com
ssp.web1s.com — Cisco Umbrella Rank: 454118
3 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
236 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
125 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
88 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 4706
135 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
1021 B
41 12
Domain Requested by
11 note1s.com 1 redirects note1s.com
4 www.google-analytics.com www.googletagmanager.com
note1s.com
4 quantcast.mgr.consensu.org note1s.com
quantcast.mgr.consensu.org
3 securepubads.g.doubleclick.net fstatic.netpub.media
securepubads.g.doubleclick.net
note1s.com
3 fstatic.netpub.media 2 redirects note1s.com
3 fonts.gstatic.com fonts.googleapis.com
3 ssp.web1s.com note1s.com
3 pagead2.googlesyndication.com note1s.com
pagead2.googlesyndication.com
3 www.googletagmanager.com note1s.com
www.googletagmanager.com
fstatic.netpub.media
2 cdnjs.cloudflare.com note1s.com
cdnjs.cloudflare.com
1 audit-tcfv2.quantcast.mgr.consensu.org note1s.com
1 test.quantcast.mgr.consensu.org note1s.com
1 i.imgur.com note1s.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fonts.googleapis.com note1s.com
41 15

This site contains links to these domains. Also see Links.

Domain
zalo.me
dooloust.net
link1s.com
1shorten.com
kiemlua.com
Subject Issuer Validity Valid
note1s.com
R3		 2022-09-03 -
2022-12-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-08-22 -
2022-11-20		 3 months crt.sh
ssp.web1s.com
R3		 2022-08-19 -
2022-11-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh

This page contains 4 frames:

Primary Page: https://note1s.com/notes/23WTJ5
Frame ID: AA50013C0EE49F75DC0FC239F9CD2C09
Requests: 36 HTTP requests in this frame

Frame: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=zB
Frame ID: 3CA067B4EB6FA2746FA7F8AE6E7003A0
Requests: 3 HTTP requests in this frame

Frame: https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=fP
Frame ID: FC4CD7EA31171EE6F10A94EF6D689EED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Frame ID: EF87E51B67DC7637018E21B69A49F17A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Note1s Online Notepad - Free at note1s.com

Page URL History Show full URLs

  1. http://note1s.com/notes/23WTJ5 HTTP 301
    https://note1s.com/notes/23WTJ5 Page URL
  2. https://note1s.com/notes/23WTJ5 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Page Statistics

41
Requests

98 %
HTTPS

73 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

1376 kB
Transfer

4057 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://note1s.com/notes/23WTJ5 HTTP 301
    https://note1s.com/notes/23WTJ5 Page URL
  2. https://note1s.com/notes/23WTJ5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://note1s.com/notes/23WTJ5 HTTP 301
  • https://note1s.com/notes/23WTJ5
Request Chain 26
  • https://fstatic.netpub.media/static/269534aa95722c2bbc20163e28baf266.min.js?1663223282784 HTTP 301
  • https://fstatic.netpub.media/r/269534aa95722c2bbc20163e28baf266/service.js HTTP 302
  • https://fstatic.netpub.media/r/269534aa95722c2bbc20163e28baf266/47700594.js?npr=0864f49efbc4536bedbb0d252ae853d8

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
23WTJ5
note1s.com/notes/
Redirect Chain
  • http://note1s.com/notes/23WTJ5
  • https://note1s.com/notes/23WTJ5
12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
0b1d853b95981b889d69c46d648042c4817d7d92dff28c6728cf767eb26a34cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 06:28:01 GMT
server
fbs
x-accel-expires
0
x-hw
1663223281.cds262.fr8.hn,1663223281.cds217.fr8.sc,1663223281.cdn2-wafbe04-fra1.stackpath.systems.-.w,1663223281.cds217.fr8.p

Redirect headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Sep 2022 06:28:01 GMT
Location
https://note1s.com/notes/23WTJ5
X-HW
1663223281.cds143.fr8.h2,1663223281.cds217.fr8.c
/
note1s.com/sbbi/ Frame 3CA0 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=zB&sbbgs=h495af0ba43c94ee53d7ecf57fed5ca26754&ddl=0
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
6810410cbba05e41d4058a7bf87897f0b4d3c788bed41ca4badc2e659cf39b16

Request headers

Referer
https://note1s.com/notes/23WTJ5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 06:28:01 GMT
server
fbs
x-accel-expires
0
x-hw
1663223281.cds262.fr8.hn,1663223281.cds057.fr8.sc,1663223281.waf1-node03-fra02.stackpath.systems.-.i,1663223281.cds057.fr8.p
/
note1s.com/sbbi/ 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://note1s.com/sbbi/?sbbpg=utMedia&vii=0h1499e53adf80fb9a44138c69140e0eb523ad277eacffe5578f5efd656c9a12r6h7v5z4
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/notes/23WTJ5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
x-accel-expires
0
date
Thu, 15 Sep 2022 06:28:01 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server
fbs
x-hw
1663223281.cds262.fr8.hn,1663223281.cds057.fr8.sc,1663223281.waf1-node01-fra02.stackpath.systems.-.i,1663223281.cds057.fr8.p
content-type
image/gif
/
note1s.com/sbbi/ Frame 3CA0 		516 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=zB&sbbgs=h495af0ba43c94ee53d7ecf57fed5ca26754&ddl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://note1s.com
Referer
https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=zB&sbbgs=h495af0ba43c94ee53d7ecf57fed5ca26754&ddl=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 06:28:01 GMT
server
fbs
x-accel-expires
0
x-hw
1663223281.cds262.fr8.hn,1663223281.cds222.fr8.sc,1663223281.cdn2-redis01-fra1.stackpath.systems.-.i,1663223281.cds222.fr8.p
/
note1s.com/sbbi/ Frame 3CA0 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=zB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash

Request headers

Referer
https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=zB&sbbgs=h495af0ba43c94ee53d7ecf57fed5ca26754&ddl=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 06:28:01 GMT
server
fbs
x-accel-expires
0
x-hw
1663223281.cds262.fr8.hn,1663223281.cds057.fr8.sc,1663223281.waf1-node01-fra02.stackpath.systems.-.i,1663223281.cds057.fr8.p
Primary Request 23WTJ5
note1s.com/notes/ 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://note1s.com/notes/23WTJ5
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
289ba6b0133f582b231fb167f803fcc65ffa8a87216abea8e144db7b9c15e94e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://note1s.com/notes/23WTJ5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 06:28:02 GMT
server
fbs
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-hw
1663223281.cds262.fr8.hn,1663223281.cds217.fr8.sc,1663223282.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1663223282.cds217.fr8.p
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 05:02:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Sep 2022 06:28:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Sep 2022 06:28:02 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwNZGC981iCdesCKu7zMTO5irfc6u%2BezCqFMCR3Ff%2BV7Et4SGHEelIbhrBrJiTNBPoYi2fPeVTDq0z1Ly2gLPzgJBWgKWYkqH2XvKogC9AGFukPohXVnbKzoIeTcO6XD83m%2FBqcKNEczQEkUj7GN4jFn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74af4ccb7c359b76-FRA
expires
Tue, 05 Sep 2023 06:28:02 GMT
app.css
note1s.com/css/ 		143 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://note1s.com/css/app.css?id=ebe28cb9d875b19bed6b
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/notes/23WTJ5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 26 Feb 2022 15:53:00 GMT
server
fbs
etag
W/"621a4cdc-23c92"
x-frame-options
SAMEORIGIN
x-hw
1663223282.cds262.fr8.hn,1663223282.cds057.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges
bytes
content-length
27999
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129758818-11
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5363f6cdbf24ae95e5f31a3d93350f892d1909ed91f76cd7302d3185056770fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42365
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Sep 2022 06:28:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bec323a914195ff8ea2ea3fd79418a8b094b1245016f4e08e7a1fe292d2e6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Origin
https://note1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57951
x-xss-protection
0
server
cafe
etag
11825438319558467106
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 06:28:02 GMT
logo.png
note1s.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://note1s.com/images/logo.png
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/notes/23WTJ5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
x-content-type-options
nosniff
last-modified
Sat, 26 Feb 2022 15:53:00 GMT
server
fbs
etag
"621a4cdc-4d27"
x-frame-options
SAMEORIGIN
x-hw
1663223282.cds262.fr8.hn,1663223282.cds160.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges
bytes
content-length
19751
x-xss-protection
1; mode=block
app.js
note1s.com/js/ 		258 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://note1s.com/js/app.js?id=0e83dba9e8630f1a1f92
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/notes/23WTJ5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 26 Feb 2022 15:53:00 GMT
server
fbs
etag
W/"621a4cdc-40688"
x-frame-options
SAMEORIGIN
x-hw
1663223282.cds262.fr8.hn,1663223282.cds275.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
accept-ranges
bytes
content-length
94951
x-xss-protection
1; mode=block
cmp2.js
quantcast.mgr.consensu.org/tcfv2/23/ 		266 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
br
age
8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:37 GMT
server
AmazonS3
etag
W/"1d55b13d85c9837da884d1e8594cc025"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
FnG8blwPaul0IpOlZvt5ZXT_fZVWsihAerHkRdN5DjUNMlPLCiQgBw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e323075f91e800e771264bee36c99d2613e0f1d7b19cba910264d0dad64856a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57951
x-xss-protection
0
server
cafe
etag
11480731567146598461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 06:28:02 GMT
/
note1s.com/sbbi/ Frame FC4C 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://note1s.com/sbbi/?sbbpg=sbbShell&gprid=fP
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
a3e93a8794c4a1dc70215ffcc6eab5697ce0b56df2f401ff12e7918a221c76c2

Request headers

Referer
https://note1s.com/notes/23WTJ5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Sep 2022 06:28:02 GMT
server
fbs
x-accel-expires
0
x-hw
1663223282.cds262.fr8.hn,1663223282.cds057.fr8.sc,1663223282.waf1-node01-fra02.stackpath.systems.-.i,1663223282.cds057.fr8.p
ser.php
ssp.web1s.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.web1s.com/ser.php?t=AADIV48&f=48&psc=
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx / LarVPS
Resource Hash
830130c9c959ae884ad5894ea88521ee96b202b0487e5df6487ee7a43901eb5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
LarVPS
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1663223282.cds272.fr8.hn,1663223282.cds217.fr8.sc,1663223282.cds217.fr8.p
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
ser.php
ssp.web1s.com/ 		2 KB
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.web1s.com/ser.php?t=AADIV46&f=46&psc=
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx / LarVPS
Resource Hash
eb0e2701355b2c0beb0ea5121dba8470370367b460ff12f047b76240ff1e1f47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
LarVPS
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1663223282.cds272.fr8.hn,1663223282.cds229.fr8.sc,1663223282.cds229.fr8.p
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
ser.php
ssp.web1s.com/ 		1 KB
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.web1s.com/ser.php?t=AADIV57&f=57&psc=
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx / LarVPS
Resource Hash
4172d3f2fde2218404e2dfd7aa682e416f76fec7b66290d167a3f6a9a956e680
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
LarVPS
x-download-options
noopen
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-hw
1663223282.cds272.fr8.hn,1663223282.cds217.fr8.sc,1663223282.cds217.fr8.p
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://note1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
561525
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHcQVfA8dASaeS0Ir8BJVz9o6votjoXTp8G%2Bn2BzXfGHS%2BBvrHs7Xu5RaSqb%2BhGvXDrkEEXLx%2BVaPiaGUWD6aClsx37DJ2Ch3ibAH1d1%2FKoEr3%2FGM7XqqcxBoaRPJ5b36mvGvI3w2obB8gqnB9JyusN9"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74af4ccbddb7996c-FRA
expires
Tue, 05 Sep 2023 06:28:02 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://note1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 19:04:03 GMT
x-content-type-options
nosniff
age
300239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 19:04:03 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://note1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:18:38 GMT
x-content-type-options
nosniff
age
169764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12736
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:18:38 GMT
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		152 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07972f12994eb405d291a4584d3cec9262e657f789053b67de1b1d71d6f09c62

Request headers

Accept
application/json, text/plain, */*
Referer
https://note1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:03:25 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
12277
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 03:03:24 GMT
server
AmazonS3
etag
W/"b6c05a3bfd48e979d8c08b0310b92d76"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
r9B__o2uWNGmP5fFgPAcmDbLwv9BJtJ4zn50KG30MoIveZ3xrCrm-Q==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9792971117783742&plah=note1s.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f2cc3ff20e2648c6c37c5415b26523088b570fe657b6d94c709e38016e68d8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124742
x-xss-protection
0
server
cafe
etag
1506013802295912726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 06:28:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/ Frame EF87 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 06:07:26 GMT
etag
8616628553774171045
expires
Thu, 29 Sep 2022 06:07:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5162
date
Thu, 15 Sep 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 15 Sep 2022 07:02:00 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://note1s.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 14:16:31 GMT
x-content-type-options
nosniff
age
144691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4252
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:27:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 14:16:31 GMT
47700594.js
fstatic.netpub.media/r/269534aa95722c2bbc20163e28baf266/
Redirect Chain
  • https://fstatic.netpub.media/static/269534aa95722c2bbc20163e28baf266.min.js?1663223282784
  • https://fstatic.netpub.media/r/269534aa95722c2bbc20163e28baf266/service.js
  • https://fstatic.netpub.media/r/269534aa95722c2bbc20163e28baf266/47700594.js?npr=0864f49efbc4536bedbb0d252ae853d8
397 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fstatic.netpub.media/r/269534aa95722c2bbc20163e28baf266/47700594.js?npr=0864f49efbc4536bedbb0d252ae853d8
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Server
2606:4700:20::681a:51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c543b5c520ed07545df1ccd8996baf509ed66f7c9f089e28e410ee5a019facf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 12 Sep 2022 22:27:43 GMT
server
cloudflare
age
2375
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0fbemF3Hus4p2eAUrdmBTxpYuZUGnsx33bHvCTmSecN4bLQeeK5CN8duxBjKMaDyl%2ByYwWciL3GKHvSYVRe5QA2hoxiXXBiuPoxancLHGfEzP%2BCwHywBgRuOfVcYGRp%2BH2cmOj%2BuZoW5L%2FUyUc3Xqdv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74af4ccdfb859b9a-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS

Redirect headers

date
Thu, 15 Sep 2022 06:28:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB1seZa6qAZVEFLIqYlA6pd%2B3uO9zHtpIvl%2FFQNJ%2B1FPfOv4OKF9zxGOuRu6czIUhQVoidieWzz%2B%2BrXOjL8TmrLwD3wgGi4b2wOSqmdzSoyHnQjTvGVpMGfrEJWqImyzRZV59TSWE3wMcoygfvakJZQC"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://fstatic.netpub.media/r/269534aa95722c2bbc20163e28baf266/47700594.js?npr=0864f49efbc4536bedbb0d252ae853d8
cf-ray
74af4ccdcaf39b9a-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
BYPASS
pFAMLXM.png
i.imgur.com/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/pFAMLXM.png
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a2b7eec9677333bdbac244e74320e44aced7c9056020bb4ff5c7ec3d7fa7ffa4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:02 GMT
x-content-type-options
nosniff
age
1208906
x-cache
HIT, HIT
content-length
138183
x-served-by
cache-iad-kcgs7200149-IAD, cache-vie6348-VIE
last-modified
Thu, 01 Sep 2022 06:39:36 GMT
server
cat factory 1.0
x-timer
S1663223283.845868,VS0,VE0
etag
"27e30487355301ee6b043198bd6c0d3a"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 44
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:4e00:3:a4cd:8380:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd0564106c40c0d22e2b8fd12f552d0beb6bc1f44d0e9e1a744ff86a811d1ebb

Request headers

Accept
application/json, text/plain, */*
Referer
https://note1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:00:57 GMT
content-encoding
gzip
age
12425
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 01 Sep 2022 19:55:38 GMT
server
AmazonS3
etag
W/"6956b949229e4f70c6801a6ba073ae1e"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
7JVvY2BjkVZ63YlCse_n1XAdPqJrPXIl
via
1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
VIE50-P1
content-type
application/json
x-amz-cf-id
r-vSwtZW1OMbjaJOQlDzY9id3mL01zxJCh-SiKH5CCsxu0jI5-g6jA==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=542072642&t=pageview&_s=1&dl=https%3A%2F%2Fnote1s.com%2Fnotes%2F23WTJ5&ul=en-us&de=UTF-8&dt=Note1s%20Online%20Notepad%20-%20Free%20at%20note1s.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1829217592&gjid=1252048911&cid=1436128776.1663223283&tid=UA-129758818-11&_gid=1429506803.1663223283&_r=1&gtm=2ou9e0&z=156470995
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://note1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 06:28:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://note1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		384 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92bc86f5b4bd321419e20ee6d4ac001bdac0d60275ab0c05ce3d13df458f6a4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:00:48 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
12435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 03:00:35 GMT
server
AmazonS3
etag
W/"1eb4631408fa6170c2b320ff34ecf832"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
2qnc0aUGEPDDYhexl71xvOtzCOGiZrYbIYXdXLCn40xRsa5tMycexw==
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/23/ 		469 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:15:06 GMT
content-encoding
br
age
43977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:43 GMT
server
AmazonS3
etag
W/"b999c652510fc4edd897a1d667aaee33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
wVsDrRx1StTXGCUKaSMA2mLz5ERs8GZzEnF4dSnwKueohefE7w6g2Q==
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22note1s.com%22%2C%22publisher%22%3A%22https%3A%2F%2Fnote1s.com%2Fnotes%2F23WTJ5%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1663223283079%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ddl0wdbtz2czdo09gxad%22%7D
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.40.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-40-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://note1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Sep 2022 06:28:03 GMT
content-length
2
content-type
text/plain; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/269534aa95722c2bbc20163e28baf266.min.js?1663223282784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f25020551b7875861e4d51628f6f57e57a250441de53dfa0ad585c80e16a0740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29163
x-xss-protection
0
server
sffe
etag
"1334 / 176 of 1000 / last-modified: 1663193277"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Sep 2022 06:28:03 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-228391614-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8899de0dfab1c4f913096e2040aa668844496c7a81300292484fa2afd3c8262b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42367
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Sep 2022 06:28:03 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-228391614-1
Requested by
Host: fstatic.netpub.media
URL: https://fstatic.netpub.media/static/269534aa95722c2bbc20163e28baf266.min.js?1663223282784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9deb41423661ff83dae96be10ed7219b762a0daf17638bec8ebb6e61939ed070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 06:28:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42358
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Sep 2022 06:28:03 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=542072642&t=pageview&_s=1&dl=https%3A%2F%2Fnote1s.com%2Fnotes%2F23WTJ5&ul=en-us&de=UTF-8&dt=Note1s%20Online%20Notepad%20-%20Free%20at%20note1s.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=699710855&gjid=1071221495&cid=1436128776.1663223283&tid=UA-228391614-1&_gid=1429506803.1663223283&_r=1&gtm=2ou9e0&z=770872022
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://note1s.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 06:28:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://note1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-228391614-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5163
date
Thu, 15 Sep 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 15 Sep 2022 07:02:00 GMT
pubads_impl_2022090801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js?cb=31069552
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133090
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:35:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 19:31:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		163 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=note1s.com
Requested by
Host: note1s.com
URL: https://note1s.com/notes/23WTJ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c70f4c1017711968251300d4f4f4f7a9580f22ecc2c7ede9aaeee6175f3486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Sep 2022 06:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
expires
Thu, 15 Sep 2022 06:28:03 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer function| __tcfapi function| __uspapi string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid boolean| sbbfcr object| sbbeccfi string| sbbgs string| k object| ca string| psc string| c object| s function| close_baolink1s function| _ function| Popper function| jQuery function| $ function| axios boolean| sbrmp number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt object| google_tag_manager object| regeneratorRuntime function| __tcfapiui object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint function| amb_sC function| amb_gC function| amb_rI function| amb_sH object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| scCGSHMRCache object| __oa360ScriptsState boolean| __isGoogleAllowed object| googletag

14 Cookies

Domain/Path Name / Value
note1s.com/ Name: SPSI
Value: 019e3d8f94186100b2a27afe585f6691
note1s.com/ Name: SPSE
Value: A9gF7NXDT5SvmiDDeG9M9O2lUPghpT4fu6B+D9vqMtKtt6EZKW4aZLYPTiBZDnNithT9RdPXx7iy8lE2GaLQHQ==
note1s.com/ Name: sbtsck
Value: javO4T/cvWTC6R5neBeyPqSxrITLtpNHVKX6lbP6gACQZA=
note1s.com/ Name: UTGv2
Value: h495af0ba43c94ee53d7ecf57fed5ca26754
note1s.com/ Name: spcsrf
Value: 47152ddf8809f8336c80d27d1ccb04ac
note1s.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkVzZ0pkbWd3bjdIdTZRYTBXY2lwSEE9PSIsInZhbHVlIjoiRDk5eUgxdjZ0alErcFRDcEd1bWJqNVM1T1U3WTN3VnFac1A5L1ppd1B2c1hpV0xPRmtBckwwaXdydXhORjgzVis5U3QzWnEwRXJDblI4bHlscVpNcjNWQnJJbTNLcHhRL1hXdjBYYVhYOGtzazRzZGNtUW9KWFBGYU9mWFFrRngiLCJtYWMiOiJlZTA2ZDQ2OGViYWIwYTkwMzM3ZmVmNmU1ZGE5MjUzNDM5NTRkYWNiNjVmYzA4MmE4ZGNhZDBiOWZhMmVkNjkyIn0%3D
note1s.com/ Name: online_notepad_take_notes_and_earn_money_at_note1scom_session
Value: eyJpdiI6IlJlQWF6dkltTDQxRFpEaW5iZGovTmc9PSIsInZhbHVlIjoidWJXTTRkOXNzeE9HZ2N5OFVsQkRnUmZueWNBcWVoK0k3a2ZqRkVFcS9rVDl0cGo1OVZGcnhTR3UyQlpQWHBuNEhxYk52RUJZeDlDTFZHZktlYnprNVZTUXBLZGdDVEtWRDJwNFV1ZG9aaG1IVTEzYzVITGx4TnBwQkxZSHJYTXUiLCJtYWMiOiJjZDQ5MDI4NzBiYTFkZjY3OTViMTMxZWI0NDhlNzE3ZGUwNzE1MGMxYmE0ZmQ1MTNhMWNhZDEyYWNjMzk2NjBiIn0%3D
note1s.com/ Name: sp_lit
Value: pWOKgoXCi+C5RxvyR+qnpA==
note1s.com/ Name: PRLST
Value: fP
note1s.com/ Name: adOtr
Value: 3e1d0f99814
.note1s.com/ Name: _ga
Value: GA1.2.1436128776.1663223283
.note1s.com/ Name: _gid
Value: GA1.2.1429506803.1663223283
.note1s.com/ Name: _gat_gtag_UA_129758818_11
Value: 1
.note1s.com/ Name: _gat_gtag_UA_228391614_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audit-tcfv2.quantcast.mgr.consensu.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fstatic.netpub.media
googleads.g.doubleclick.net
i.imgur.com
note1s.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
ssp.web1s.com
test.quantcast.mgr.consensu.org
www.google-analytics.com
www.googletagmanager.com
151.139.128.10
151.139.128.11
18.184.40.219
199.232.16.193
2600:9000:206e:800:9:46dc:4700:93a1
2600:9000:2304:4e00:3:a4cd:8380:93a1
2606:4700:20::681a:51a
2606:4700::6811:180e
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
003ab203aa11cb3ff3da2225f34413d8b77842d2b4597f4b9349d67dab7a0a0d
07972f12994eb405d291a4584d3cec9262e657f789053b67de1b1d71d6f09c62
0b1d853b95981b889d69c46d648042c4817d7d92dff28c6728cf767eb26a34cc
289ba6b0133f582b231fb167f803fcc65ffa8a87216abea8e144db7b9c15e94e
4172d3f2fde2218404e2dfd7aa682e416f76fec7b66290d167a3f6a9a956e680
5363f6cdbf24ae95e5f31a3d93350f892d1909ed91f76cd7302d3185056770fc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
6810410cbba05e41d4058a7bf87897f0b4d3c788bed41ca4badc2e659cf39b16
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c543b5c520ed07545df1ccd8996baf509ed66f7c9f089e28e410ee5a019facf
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
830130c9c959ae884ad5894ea88521ee96b202b0487e5df6487ee7a43901eb5a
8899de0dfab1c4f913096e2040aa668844496c7a81300292484fa2afd3c8262b
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
8bec323a914195ff8ea2ea3fd79418a8b094b1245016f4e08e7a1fe292d2e6fc
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
92bc86f5b4bd321419e20ee6d4ac001bdac0d60275ab0c05ce3d13df458f6a4c
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9deb41423661ff83dae96be10ed7219b762a0daf17638bec8ebb6e61939ed070
9f2cc3ff20e2648c6c37c5415b26523088b570fe657b6d94c709e38016e68d8b
9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b7eec9677333bdbac244e74320e44aced7c9056020bb4ff5c7ec3d7fa7ffa4
a2c70f4c1017711968251300d4f4f4f7a9580f22ecc2c7ede9aaeee6175f3486
a3e93a8794c4a1dc70215ffcc6eab5697ce0b56df2f401ff12e7918a221c76c2
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
cd0564106c40c0d22e2b8fd12f552d0beb6bc1f44d0e9e1a744ff86a811d1ebb
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e323075f91e800e771264bee36c99d2613e0f1d7b19cba910264d0dad64856a4
eb0e2701355b2c0beb0ea5121dba8470370367b460ff12f047b76240ff1e1f47
f25020551b7875861e4d51628f6f57e57a250441de53dfa0ad585c80e16a0740