noteslive.vip Open in urlscan Pro
141.193.213.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sunsetownersclub.com/
Effective URL:
https://noteslive.vip/properties/sunsetcollection/
Submission: On April 17 via manual (April 17th 2024, 3:21:17 am UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 20 domains to perform 107 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is noteslive.vip.
TLS certificate: Issued by E1 on March 25th 2024. Valid for: 3 months.

This is the only time noteslive.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
58	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a01:4f8:c17:... 2a01:4f8:c17:103c::1	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:1600:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.18.142.119 104.18.142.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.81.55.251 51.81.55.251	16276 (OVH) (OVH)
2 3	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.177.56.40 54.177.56.40	16509 (AMAZON-02) (AMAZON-02)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	18.66.186.148 18.66.186.148	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
107	22

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

sunsetownersclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

noteslive.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:c17:103c::1 (Bad Soden-Salmuenster, Germany)

ASN24940 (HETZNER-AS, DE)

moderate.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:1600:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.142.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.81.55.251 (United States)

ASN16276 (OVH, FR)
PTR: moderate9.cleantalk.org

moderate9-v4.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f5cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.177.56.40 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-56-40.us-west-1.compute.amazonaws.com

adservices.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.186.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-186-148.muc50.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	noteslive.vip noteslive.vip	4 MB
8	gstatic.com fonts.gstatic.com	127 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	554 KB
4	adsrvr.org 2 redirects insight.adsrvr.org — Cisco Umbrella Rank: 611	384 B
4	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 17966 adservices.brandcdn.com — Cisco Umbrella Rank: 12547	3 KB
4	cleantalk.org moderate.cleantalk.org — Cisco Umbrella Rank: 23477 moderate9-v4.cleantalk.org — Cisco Umbrella Rank: 48011	15 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2548	360 B
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4261 forms-na1.hsforms.com — Cisco Umbrella Rank: 6850	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	73 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 745	11 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	7 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 239	13 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	376 B
2	cloudfront.net d1eoo1tco6rr5e.cloudfront.net
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6698	156 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7551	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	24 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	24 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	2 KB
1	sunsetownersclub.com 1 redirects sunsetownersclub.com	344 B
107	20

	Domain	Requested by
58	noteslive.vip	noteslive.vip
8	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagmanager.com	noteslive.vip www.googletagmanager.com
4	insight.adsrvr.org	2 redirects noteslive.vip
3	region1.google-analytics.com	www.googletagmanager.com
3	connect.facebook.net	tag.brandcdn.com connect.facebook.net
3	adservices.brandcdn.com	tag.brandcdn.com adservices.brandcdn.com
3	unpkg.com	2 redirects noteslive.vip
3	moderate.cleantalk.org	noteslive.vip moderate.cleantalk.org
3	fonts.googleapis.com	noteslive.vip js.hsforms.net
3	cdnjs.cloudflare.com	noteslive.vip
2	www.facebook.com	noteslive.vip
2	forms.hsforms.com	js.hsforms.net noteslive.vip
2	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
2	js.hsforms.net	noteslive.vip js.hsforms.net
1	forms-na1.hsforms.com	noteslive.vip
1	www.google.de	noteslive.vip
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	moderate9-v4.cleantalk.org	noteslive.vip
1	tag.brandcdn.com	noteslive.vip
1	sunsetownersclub.com	1 redirects
107	23

This site contains links to these domains. Also see Links.

Domain
wordpress.org
themesharbor.com

Subject Issuer	Validity	Valid
noteslive.vip E1	`2024-03-25` - `2024-06-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cleantalk.org Sectigo RSA Domain Validation Secure Server CA	`2023-09-07` - `2024-09-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.brandcdn.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
hsforms.net GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://noteslive.vip/properties/sunsetcollection/
Frame ID: 5069556FD54C83BFA702E9FD65D12C82
Requests: 100 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe
Frame ID: 975D4B0F234C82D6FA7E27D6F1543EDC
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe
Frame ID: 44F4B98E6AA1587A1AB70C57BC479656
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/embed/v2.js
Frame ID: 80F051192EAB58820DF70F0DDC9BA37D
Requests: 3 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=349448&cv_ck=d9ec18d6-b6f5-4007-9c38-d0592862ba7e&m=noteslive.vip&r=
Frame ID: 2C42484DFFD59740EEE99EE7E933E176
Requests: 1 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=349448&cv_ck=d9ec18d6-b6f5-4007-9c38-d0592862ba7e&m=noteslive.vip&r=
Frame ID: AE9CA7FC0E2C9E83AD21412DF8CE5EAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sunset Hospitality Collection

Page URL History Show full URLs

http://sunsetownersclub.com/ HTTP 307
https://sunsetownersclub.com/ HTTP 307
http://sunsetownersclub.com/ HTTP 301
https://noteslive.vip/properties/sunsetcollection/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

107
Requests

97 %
HTTPS

36 %
IPv6

20
Domains

23
Subdomains

22
IPs

3
Countries

5036 kB
Transfer

9091 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: https://themesharbor.com/
Title: Themes Harbor

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sunsetownersclub.com/ HTTP 307
https://sunsetownersclub.com/ HTTP 307
http://sunsetownersclub.com/ HTTP 301
https://noteslive.vip/properties/sunsetcollection/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js?ver=1 HTTP 302
https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js HTTP 302
https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

Request Chain 66

https://insight.adsrvr.org/tags/i5bjofz/3iw741u/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe

Request Chain 70

https://insight.adsrvr.org/tags/i5bjofz/3iw741u/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe

Request Chain 92

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&label=tRxpCIKS59MYELjh4I4q&hn=www.googleadservices.com&frm=0&tiba=Sunset%20Hospitality%20Collection&did=dZTNiMT&gdid=dZTNiMT&npa=1&pscdl=noapi&auid=1816245810.1713324072&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInILWxaXIhQMVr-MRCB2s4wgTMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vbm90ZXNsaXZlLnZpcC8 HTTP 302
https://www.google.com/pagead/1p-conversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&label=tRxpCIKS59MYELjh4I4q&hn=www.googleadservices.com&frm=0&tiba=Sunset%20Hospitality%20Collection&did=dZTNiMT&gdid=dZTNiMT&npa=1&pscdl=noapi&auid=1816245810.1713324072&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInILWxaXIhQMVr-MRCB2s4wgTMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vbm90ZXNsaXZlLnZpcC8&is_vtc=1&cid=CAQSGwB7FLtq_Uo6Lk_sXYc8jiHUau1XW-n2RL3Ncg&random=3145234867 HTTP 302
https://www.google.de/pagead/1p-conversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&label=tRxpCIKS59MYELjh4I4q&hn=www.googleadservices.com&frm=0&tiba=Sunset%20Hospitality%20Collection&did=dZTNiMT&gdid=dZTNiMT&npa=1&pscdl=noapi&auid=1816245810.1713324072&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInILWxaXIhQMVr-MRCB2s4wgTMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vbm90ZXNsaXZlLnZpcC8&is_vtc=1&cid=CAQSGwB7FLtq_Uo6Lk_sXYc8jiHUau1XW-n2RL3Ncg&random=3145234867&ipr=y

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
noteslive.vip/properties/sunsetcollection/
Redirect Chain

http://sunsetownersclub.com/
https://sunsetownersclub.com/
http://sunsetownersclub.com/
https://noteslive.vip/properties/sunsetcollection/

433 KB
45 KB

457ms
423ms

Document
text/html

141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 1fc0b0b37e65e4471aac871b109135b7c08c2f6d5418577553128741bda5a9d5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 875948968abf35fe-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 03:21:11 GMT
link: <https://noteslive.vip/wp-json/>; rel="https://api.w.org/" <https://noteslive.vip/wp-json/wp/v2/pages/8819>; rel="alternate"; type="application/json" <https://noteslive.vip/?p=8819>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 85
Content-Type: text/html; charset=utf-8
Date: Wed, 17 Apr 2024 03:21:11 GMT
Location: https://noteslive.vip/properties/sunsetcollection/
Server: ip-100-74-4-113.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 7a49e3d8-a3c2-4e50-83eb-079d41c9879d

GET
H3 200 owl.carousel.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 5 KB
2 KB 38ms
14ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.css

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaf08be6ae4ed211293a6d4280e2d052e1f332eb0066a0dc0192fd8a3a9f39d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1054056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1136
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-1288"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAKceUPOO2lc9r3ap107mRq2sE56Z70zzCT%2FvJvVFpxW3NdLmgcRC67Wk5%2F78FxEyYb60nRlQYREVGQSOiriDhQ0Disngqnn%2BrRoPFMPxpTHkxiO%2Bz33zsL%2FCQ2HMOQwKobJp5iH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8759489959cca031-FRA
expires: Mon, 07 Apr 2025 03:21:11 GMT

GET
H3 200 owl.theme.default.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 1013 B
915 B 40ms
16ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 331
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-3f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWiUYmLCE0fg3ToiY9IEOlyTCwICqqJ6XBTeFkxlds7VYX6k8sK07DQD5SBoy%2BXpCJuUh7pSS43%2FZ8gNq76TBTMBgZZ03Nc3wYx9NLC29nGdZZ1o%2FWPk163auPo0TiHzoQwkHMyy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8759489959caa031-FRA
expires: Mon, 07 Apr 2025 03:21:11 GMT

GET
H2 200 style.css
noteslive.vip/wp-content/plugins/layout-grid/ 58 KB
2 KB 19ms
17ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/layout-grid/style.css?ver=1690396473
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff079893cbfe8eebd0d49b7c8bcbeba131173b3e0da0e13210ad611869e0e36

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:34:33 GMT
server: cloudflare
age: 364089
etag: W/"64c16739-e64d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0235fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cleantalk-public.min.css
noteslive.vip/wp-content/plugins/cleantalk-spam-protect/css/ 2 KB
815 B 20ms
18ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.30
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f2c1f098f7a28dbab913d292da562c06b45d6495ec9a60e6cbc6b99564ef5e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 15:44:40 GMT
server: cloudflare
age: 364089
etag: W/"6612bf68-876"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0335fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 dashicons.min.css
noteslive.vip/wp-includes/css/ 58 KB
35 KB 21ms
19ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/css/dashicons.min.css?ver=6.5.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:34:30 GMT
server: cloudflare
age: 206095
etag: W/"64c16736-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0435fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
noteslive.vip/wp-content/themes/appetite-child/ 82 KB
15 KB 22ms
21ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite-child/style.css?ver=1.0.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbc06b113673514f9ae310f4b5fa431720372fcf4e9b8473a888c300c9509f6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:21 GMT
server: cloudflare
age: 364089
etag: W/"64c166f1-14889"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0635fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 posts-with-filter.css
noteslive.vip/wp-content/themes/appetite-child/assets/css/ 6 KB
1 KB 25ms
24ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite-child/assets/css/posts-with-filter.css?ver=6.5.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2be9ab417d9ce189a79d3fa0d2e543bc13c22b0687af9b7594301b3d0439bd3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:21 GMT
server: cloudflare
age: 206095
etag: W/"64c166f1-18bf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0735fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 press-releases.css
noteslive.vip/wp-content/themes/appetite-child/assets/css/ 3 KB
892 B 24ms
23ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite-child/assets/css/press-releases.css?ver=6.5.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 887040d844e8fe5e6794e6de88e54238db586f416d853fa4293bfa51d20d44ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:56 GMT
server: cloudflare
age: 206095
etag: W/"64c16714-dc3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0835fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 our-team.css
noteslive.vip/wp-content/themes/appetite-child/assets/css/ 12 KB
2 KB 28ms
27ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite-child/assets/css/our-team.css?ver=6.5.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: abeffbea799bfe76da3333b156daf8d7f1aab02ce4210efdfd73e265941412b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Mar 2024 18:03:16 GMT
server: cloudflare
age: 206095
etag: W/"65ef4764-2f25"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0935fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 48ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i%7CLato%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext&display=swap

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b84c4b766d4eccc89786e31780963387c8f1124d2040fc0d757a37ac02f4f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 03:21:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Apr 2024 03:21:11 GMT

GET
H2 200 style.css
noteslive.vip/wp-content/themes/appetite-child/ 82 KB
15 KB 26ms
25ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite-child/style.css?ver=2.2.3
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbc06b113673514f9ae310f4b5fa431720372fcf4e9b8473a888c300c9509f6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:21 GMT
server: cloudflare
age: 364089
etag: W/"64c166f1-14889"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0a35fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 singular.css
noteslive.vip/wp-content/themes/appetite/assets/css/pages/ 3 KB
1 KB 30ms
29ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite/assets/css/pages/singular.css?ver=2.2.1
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383fc0a2c8d9b1c598523d56e3e6c24522a86a4cf8808410b8182476e4607971

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:26 GMT
server: cloudflare
age: 364089
etag: W/"64c166f6-d8e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0c35fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jetpack.css
noteslive.vip/wp-content/themes/appetite/assets/css/pages/ 7 KB
2 KB 25ms
25ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite/assets/css/pages/jetpack.css?ver=2.2.1
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a80d4f393fe6858d03fa840c5c30179e3c0497923fa72ac7178e9f3039811f94

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:32 GMT
server: cloudflare
age: 364089
etag: W/"64c166fc-1df0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948993c0d35fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 elementor-icons.min.css
noteslive.vip/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 29ms
28ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.29.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 02:08:01 GMT
server: cloudflare
age: 364089
etag: W/"66174601-4d42"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948994c1335fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend.min.css
noteslive.vip/wp-content/plugins/elementor/assets/css/ 170 KB
21 KB 32ms
31ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70e9a94ba85c4c49cf03cb6addf2deb658da1880617ec7b4952c2ffb13d660c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 128400
etag: W/"661d34ff-2a6b2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948994c1435fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 swiper.min.css
noteslive.vip/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 31ms
31ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 02:08:01 GMT
server: cloudflare
age: 364089
etag: W/"66174601-4057"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948994c1535fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend.min.css
noteslive.vip/wp-content/plugins/elementor-pro/assets/css/ 446 KB
44 KB 30ms
30ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d7b8f5404018a17132e52fa513993588f08d5b73899ac08f23793546cbe3ce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 02:07:55 GMT
server: cloudflare
age: 73708
etag: W/"661ddd7b-6f6b8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948994c1635fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 all.min.css
noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 29ms
29ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 128400
etag: W/"661d34ff-e7d0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948997f302c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 v4-shims.min.css
noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 30ms
29ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 128400
etag: W/"661d34ff-684e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948997f312c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 general.min.css
noteslive.vip/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/ 4 KB
1 KB 22ms
20ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.15
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bc32c16a963f587d3d0d69da37f1ddf1269221fc7df0907f420624614ab2963

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Apr 2024 15:35:36 GMT
server: cloudflare
age: 206095
etag: W/"661bf7c8-eae"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948997f322c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 172 KB
5 KB 24ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CInter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be18e6049924d017a996ef614140feb39fbffdbf25e5ed65576d22c18cda6a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 03:21:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Apr 2024 03:21:11 GMT

GET
H3 200 jquery.min.js Show response
noteslive.vip/wp-includes/js/jquery/ 86 KB
31 KB 31ms
29ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 12:00:53 GMT
server: cloudflare
age: 364089
etag: W/"65520ff5-15601"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948997f332c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
noteslive.vip/wp-includes/js/jquery/ 13 KB
5 KB 37ms
35ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 13:09:50 GMT
server: cloudflare
age: 364089
etag: W/"64d6331e-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948997f342c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 apbct-public-bundle.min.js Show response
noteslive.vip/wp-content/plugins/cleantalk-spam-protect/js/ 60 KB
16 KB 38ms
36ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.30
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfddafd9c981f2277a76f7f0613a3146343bd66777a26e9c7c1097d9a148741

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 15:44:40 GMT
server: cloudflare
age: 364089
etag: W/"6612bf68-f045"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948997f352c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK ct-bot-detector-wrapper.js Show response
moderate.cleantalk.org/ 382 B
733 B 85ms
32ms Script
application/javascript 2a01:4f8:c17:103c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js?ver=6.30
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:c17:103c::1 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7d8bc5e59ebb8f4c3f335b2db8008553c3f88599c67eba2fb5d2f35fd0ab2e59

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 03:21:11 GMT
Last-Modified: Wed, 31 Jan 2024 07:45:22 GMT
Server: nginx
ETag: "65b9fa92-17e"
Content-Type: application/javascript
Access-Control-Allow-Origin: : *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 v4-shims.min.js Show response
noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 41ms
40ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f35273b8502706ee06854d797337ab40bc1b3a7421960a2ceb5392ac85a0f54

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 128400
etag: W/"661d34ff-3ae1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 875948997f362c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
80 KB 81ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RE4DQ039LT

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b35b7a047b0b9fe81847eb415079eeae347f19cab08236746b5839897440eb8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Apr 2024 03:21:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 66ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11305234616

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da96b12617ce83e0562918004b9bc04f8403a87c004a7c8558260037aaf4e8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87819
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Apr 2024 03:21:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
98 KB 84ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MHF0PLLHHY

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd842f89e2bd55034a8c3c63f289619df49270681112e23ec4b42e45e5a63f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Apr 2024 03:21:12 GMT

GET
H2 200 Notes_Live.js Show response
tag.brandcdn.com/autoscript/noteslive_vfhwuk5vnuvvvfe9/ 2 KB
2 KB 78ms
8ms Script
application/javascript 2600:9000:225e:1600:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/noteslive_vfhwuk5vnuvvvfe9/Notes_Live.js
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1600:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d5a00e566b182d56ec3d8d32c34be296634f20333811caa7affd90c8dd2b9b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 10:44:44 GMT
x-amz-version-id: vpybZmFqODUtH2kUwvahIzA6Fh.2cMim
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 22:33:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 59788
etag: "f475ec12ce143931f2210116757926dd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1706
x-amz-cf-id: jWncRcPyTiqI2NfEKUtiNc2rYXfN7mYIYV_JtPwi5_tDi5BuQR69vA==

GET
H3 200 cropped-cropped-cropped-Notes-logo-FNL-01.webp
noteslive.vip/wp-content/uploads/2023/06/ 35 KB
35 KB 22ms
21ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/06/cropped-cropped-cropped-Notes-logo-FNL-01.webp
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c946e6fbc260b4d76da35ae6c0846dc47345e31c838f1ed5bf84bd9066401f0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:12 GMT
server: cloudflare
age: 364089
etag: "64c166e8-8aa4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875948997f372c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35492

GET
H3 200 Logo.png
noteslive.vip/wp-content/uploads/2023/07/ 11 KB
11 KB 42ms
41ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/07/Logo.png
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f4a09a28dc6e0a980890ca515b704435e8d17b0ed321e5dd1c0ce5619cbd37

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:11 GMT
cf-cache-status: HIT
age: 364089
cf-polished: origFmt=png, origSize=13686
content-disposition: inline; filename="Logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10814
cf-bgj: imgq:100,h2pri
last-modified: Thu, 27 Jul 2023 03:52:49 GMT
server: cloudflare
etag: "64c1ea11-3576"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875948997f382c35-FRA

GET
H3 200 377-BBST_View_001-2-2-1.webp
noteslive.vip/wp-content/uploads/2023/07/ 52 KB
52 KB 533ms
532ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/07/377-BBST_View_001-2-2-1.webp
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a62747da3f31e2aaf8c74b21e28893d57a6601d152d109f915dcd0387152bbc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:33:21 GMT
server: cloudflare
etag: "64c166f1-cfdc"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875948997f3b2c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 53212

GET
H3 200 print-style.css
noteslive.vip/wp-content/themes/appetite/assets/css/ 561 B
498 B 43ms
41ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite/assets/css/print-style.css?ver=1.0.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58e01410e25acbbd6777bd634d1bb085b09b69c86a5da48de83b8c52c9a5d883

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:34:42 GMT
server: cloudflare
age: 364086
etag: W/"64c16742-231"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1fa32c35-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK f8c7af71-e046-4668-bde9-ecf37f24c091
https://noteslive.vip/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://noteslive.vip/f8c7af71-e046-4668-bde9-ecf37f24c091
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 Fire-Pit_RT-1920-tiny-2048x1249.jpg
noteslive.vip/wp-content/uploads/2023/08/ 437 KB
438 KB 574ms
573ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/08/Fire-Pit_RT-1920-tiny-2048x1249.jpg
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ad7a6ea9e76cd71a2d9f58f947e3da89eeef57912d186c6df26c20f96f18132

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Aug 2023 04:02:16 GMT
server: cloudflare
etag: "64d5b2c8-6d5c2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 87594899df642c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 447938

GET
H3 200 Roths_View_001-2-cropped-2048x721.png
noteslive.vip/wp-content/uploads/2023/07/ 1 MB
1 MB 659ms
659ms Image
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/07/Roths_View_001-2-cropped-2048x721.png
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d01bdc432ba8b685dbe0741f084da14b2d706938734242ed1b7585bbe07d4e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jul 2023 03:40:30 GMT
server: cloudflare
etag: "64c1e72e-154b46"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 87594899df682c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1395526

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 482 KB
154 KB 57ms
19ms Script
application/javascript 104.18.142.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 533
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=87593b9459a33735-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b0047a8901d8ed9f81db3dcb5982114e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5064/bundles/project-v2.js
date: Wed, 17 Apr 2024 03:21:12 GMT
x-amz-version-id: 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: cbeaa51d-1fda-4c88-83c7-ca997fd482db
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: cbeaa51d-1fda-4c88-83c7-ca997fd482db
last-modified: Wed, 03 Apr 2024 11:15:05 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iA3yCpFNVXwGsWzV8O66JYAP%2FCR1EoAsOkNCL1i0Khi9Aql6SxepPVqBiNUHEy3i3hk4zygsQEP2jJjvSliice6sBAXzE1pxQXUstKQrp9b36dVoM6U2fyPwFgWETpVV"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-72bsp
cf-ray: 8759489a4ba071d3-FRA
x-amz-cf-id: ZiZvt-SIOr-HQFgHUDQRAgom4VF0wXNgtlgSrcSGLjv7fVA7aVwuGA==

GET
H/1.1 200
OK ebf001445e69f9a9993872fd246ebd99.gif
moderate9-v4.cleantalk.org/pixel/ 43 B
256 B 312ms
92ms Image
image/gif 51.81.55.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moderate9-v4.cleantalk.org/pixel/ebf001445e69f9a9993872fd246ebd99.gif
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.55.251 , United States, ASN16276 (OVH, FR),
Reverse DNS: moderate9.cleantalk.org
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 03:21:12 GMT
X-Server-IP: 51.81.55.251
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 fontawesome.min.css
noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 19ms
18ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fafc4160788beca657ec3e3041976281fb6d54a0e82bb4d22a433f7c6bb8b1d6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 02:08:01 GMT
server: cloudflare
age: 364090
etag: W/"66174601-e2d7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a0f852c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 solid.min.css
noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
510 B 21ms
18ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 02:08:01 GMT
server: cloudflare
age: 364090
etag: W/"66174601-29d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a0f882c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 eb-blocks-localize.js Show response
noteslive.vip/wp-content/plugins/essential-blocks/assets/js/ 0
160 B 22ms
19ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/essential-blocks/assets/js/eb-blocks-localize.js?ver=4.5.9
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Apr 2024 15:35:37 GMT
server: cloudflare
age: 206095
etag: "661bf7c9-0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8759489a0f8a2c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 custom-script.js Show response
noteslive.vip/wp-content/themes/appetite-child/assets/js/ 6 KB
2 KB 23ms
19ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite-child/assets/js/custom-script.js?ver=1
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf9a7db0abd9b375ac54148d627c53f22bc3f339a02e033824f72c685f6b7678

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:06 GMT
server: cloudflare
age: 364087
etag: W/"64c166e2-1766"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a0f8d2c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

isotope.pkgd.min.js Show response
unpkg.com/isotope-layout@3.0.6/dist/
Redirect Chain

https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js?ver=1
https://unpkg.com/isotope-layout@3/dist/isotope.pkgd.min.js
https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

35 KB
10 KB

19ms
18ms

Script
application/javascript

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.min.js

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://noteslive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2971262
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFHER0CR41YT93JDY2H2C4-fra
server: cloudflare
etag: W/"8a75-xOWZTyTujI0s8tZgLwtWuQlqLpg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a98933618-FRA

Redirect headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HVN11QE6BV53MY122HZ7T6TG-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 115
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: /isotope-layout@3.0.6/dist/isotope.pkgd.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8759489a68833618-FRA

GET
H3 200 fit-rows.js Show response
noteslive.vip/wp-content/themes/appetite-child/assets/js/ 3 KB
1 KB 29ms
24ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite-child/assets/js/fit-rows.js?ver=1
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ea7d4a302f9b992ce65d4c6a615c0b995b5ce4aab2be3ecd84a46d9412a51f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:36 GMT
server: cloudflare
age: 364087
etag: W/"64c16700-c4f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f8f2c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 appetite.js Show response
noteslive.vip/wp-content/themes/appetite/assets/js/public/ 14 KB
4 KB 41ms
37ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/themes/appetite/assets/js/public/appetite.js?ver=2.2.3
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6609c0152be15344bf8617a2da561d98d8d061136753fcb9e9765a1d9b4a7c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:33:13 GMT
server: cloudflare
age: 364086
etag: W/"64c166e9-363e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f912c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 general.min.js Show response
noteslive.vip/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/ 10 KB
4 KB 24ms
19ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.15
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9ce60ecd8ad81f4255baec05cee96d4a32f484f1cc6975e11ac87a5de667f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Apr 2024 15:35:36 GMT
server: cloudflare
age: 206094
etag: W/"661bf7c8-282f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f922c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 eael-8819.js Show response
noteslive.vip/wp-content/uploads/essential-addons-elementor/ 0
153 B 473ms
470ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/uploads/essential-addons-elementor/eael-8819.js?ver=1712925117
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: MISS
last-modified: Sun, 14 Apr 2024 15:37:28 GMT
server: cloudflare
etag: "661bf838-0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8759489a1f932c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 eael-7321.js Show response
noteslive.vip/wp-content/uploads/essential-addons-elementor/ 6 KB
2 KB 431ms
427ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/uploads/essential-addons-elementor/eael-7321.js?ver=1712925117
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbbd735fd657af996e065eac67ae2842e3bff3f8c47d57d97dc3dd5e23dd85c1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 14 Apr 2024 15:36:25 GMT
server: cloudflare
etag: W/"661bf7f9-18b8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f942c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 webpack-pro.runtime.min.js Show response
noteslive.vip/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 38ms
34ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 969e71d2c58889efb61cd106846e486fd055c9e94c3ad19ca545fce0ea709e1f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 02:07:55 GMT
server: cloudflare
age: 73709
etag: W/"661ddd7b-16c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f952c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 webpack.runtime.min.js Show response
noteslive.vip/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 29ms
26ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ca7abf6b5b9becd0676818fde2d3b374badcff7867f95dbcbfebeac59a24c0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 128400
etag: W/"661d34ff-1385"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f962c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend-modules.min.js Show response
noteslive.vip/wp-content/plugins/elementor/assets/js/ 62 KB
18 KB 33ms
30ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a55f2f63b0693a5e880094799388b608eb0a80f666a7e8460f2ac82e7b3da5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 128400
etag: W/"661d34ff-f721"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f972c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-polyfill-inert.min.js Show response
noteslive.vip/wp-includes/js/dist/vendor/ 8 KB
3 KB 28ms
25ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:34:33 GMT
server: cloudflare
age: 364086
etag: W/"64c16739-1feb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f982c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 regenerator-runtime.min.js Show response
noteslive.vip/wp-includes/js/dist/vendor/ 6 KB
3 KB 31ms
28ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 12:00:53 GMT
server: cloudflare
age: 364086
etag: W/"65520ff5-19e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f992c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-polyfill.min.js Show response
noteslive.vip/wp-includes/js/dist/vendor/ 38 KB
14 KB 30ms
27ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 16:37:58 GMT
server: cloudflare
age: 364086
etag: W/"6612cbe6-96be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f9a2c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 hooks.min.js Show response
noteslive.vip/wp-includes/js/dist/ 4 KB
2 KB 38ms
35ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 16:37:58 GMT
server: cloudflare
age: 364086
etag: W/"6612cbe6-10d3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f9b2c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 i18n.min.js Show response
noteslive.vip/wp-includes/js/dist/ 9 KB
4 KB 32ms
29ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 16:37:58 GMT
server: cloudflare
age: 364086
etag: W/"6612cbe6-23b5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f9c2c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
noteslive.vip/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 38ms
35ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a9329601265904d54c430182763d17b07563554581039a81ccd75dc74562a1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 02:07:55 GMT
server: cloudflare
age: 73709
etag: W/"661ddd7b-61ea"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f9e2c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 waypoints.min.js Show response
noteslive.vip/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 45ms
42ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 02:08:01 GMT
server: cloudflare
age: 364086
etag: W/"66174601-2fa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1f9f2c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 core.min.js Show response
noteslive.vip/wp-includes/js/jquery/ui/ 21 KB
7 KB 40ms
37ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 18:34:31 GMT
server: cloudflare
age: 364086
etag: W/"64c16737-53be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1fa02c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
noteslive.vip/wp-content/plugins/elementor/assets/js/ 39 KB
13 KB 43ms
41ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd07e134eaa69ff679725da56a465facafc8a09c61ef8bf42ceead8f79f6562

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 128399
etag: W/"661d34ff-9c24"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1fa12c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 elements-handlers.min.js Show response
noteslive.vip/wp-content/plugins/elementor-pro/assets/js/ 37 KB
10 KB 36ms
33ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.21.0
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a10ab2828a2618f138f34578efa80307b551fa2c318bbd3085622518fe89588

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 02:07:55 GMT
server: cloudflare
age: 73709
etag: W/"661ddd7b-958a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489a1fa22c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
11 KB 24ms
21ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 298784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10158
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FMTDW3%2FGtv2tV1OGy2lXOxvoQ76aNWAF0nNcQBtxo8nd7RBf0XTRi7TW6RpC4783mE8J2Io9Z4EY8rI449%2Fl3dsRbo6njJktE5%2BLWG64Uxpqv%2B%2FSKRXzTSIzt5NN3VcCQVLPfxJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8759489a1a5da031-FRA
expires: Mon, 07 Apr 2025 03:21:12 GMT

GET
H/1.1 200
OK ct-bot-detector.min.js Show response
moderate.cleantalk.org/1.1.19/ 13 KB
13 KB 21ms
20ms Script
application/javascript 2a01:4f8:c17:103c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/1.1.19/ct-bot-detector.min.js
Requested by: Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js?ver=6.30
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:c17:103c::1 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 14b042ee2dd1c20535bb4906e3d51aff57f7b80dd287dcd070e5312b3b318093

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 03:21:12 GMT
Last-Modified: Wed, 31 Jan 2024 07:43:08 GMT
Server: nginx
ETag: "65b9fa0c-33f5"
Content-Type: application/javascript
Access-Control-Allow-Origin: : *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13301
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
81 KB 67ms
23ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W77JBSXK

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

baa63a55c0eff28356fa3cdf2a5cdc05fe67f8729e82a5e9a04faeba1c0d9648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82904
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Apr 2024 03:21:12 GMT

GET
H2 200 cv_pixel.js Show response
adservices.brandcdn.com/pixel/ 2 KB
1 KB 550ms
162ms Script
text/javascript 54.177.56.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/noteslive_vfhwuk5vnuvvvfe9/Notes_Live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.56.40 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-56-40.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "613-5f9d69bae4944-gzip"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 745

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/ Frame 975D
Redirect Chain

https://insight.adsrvr.org/tags/i5bjofz/3iw741u/iframe
https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe

0
0

50ms
25ms

Document
text/html

18.66.186.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/noteslive_vfhwuk5vnuvvvfe9/Notes_Live.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.186.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-186-148.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://noteslive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Age: 37054
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Wed, 17 Apr 2024 03:21:12 GMT
ETag: "a86f0341bffe9ea0c76b97ef26780120"
Last-Modified: Mon, 13 Feb 2023 18:48:49 GMT
Server: AmazonS3
Via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CAbH2cg9U7oU34X4i0dd3_538Ykx2bbr3gxDyMNG0RBVHjpGDQTYdw==
X-Amz-Cf-Pop: MUC50-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Wed, 17 Apr 2024 03:21:12 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 51ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/noteslive_vfhwuk5vnuvvvfe9/Notes_Live.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Apr 2024 03:21:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=14, mss=1294, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: VPyRSWqPc0bvW5U5ndBmT9DBd1aSgEpVgX44E79NAnEUPK0fH+rGOcR07FATRGPtEo1VmGoYZiG4MjRf452Gug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
148 B 102ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=i5bjofz&ct=0:k6m8uay&fmt=3
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
149 B 93ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=i5bjofz&ct=0:3iw741u&fmt=3
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/ Frame 44F4
Redirect Chain

https://insight.adsrvr.org/tags/i5bjofz/3iw741u/iframe
https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe

0
0

50ms
50ms

Document
text/html

18.66.186.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/noteslive_vfhwuk5vnuvvvfe9/Notes_Live.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.186.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-186-148.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://noteslive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Age: 37054
Cache-Control: max-age=86400
Content-Length: 138
Content-Type: text/html
Date: Wed, 17 Apr 2024 03:21:12 GMT
ETag: "a86f0341bffe9ea0c76b97ef26780120"
Last-Modified: Mon, 13 Feb 2023 18:48:49 GMT
Server: AmazonS3
Via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CAbH2cg9U7oU34X4i0dd3_538Ykx2bbr3gxDyMNG0RBVHjpGDQTYdw==
X-Amz-Cf-Pop: MUC50-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Wed, 17 Apr 2024 03:21:12 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/i5bjofz/3iw741u/iframe

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
48 KB 44ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CInter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 10:42:03 GMT
x-content-type-options: nosniff
age: 319149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 10:42:03 GMT

GET
H3 200 Mask-group2-1.png
noteslive.vip/wp-content/uploads/2023/07/ 2 KB
3 KB 469ms
462ms Image
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/07/Mask-group2-1.png
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbf4c87fd61a95d81d4b2e8b84b520512d53fad1deeccde1581af72330e966af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jul 2023 04:12:27 GMT
server: cloudflare
etag: "64c1eeab-982"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8759489a4fb62c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2434

GET
H3 200 Rectangle-1287.jpg
noteslive.vip/wp-content/uploads/2023/07/ 2 MB
2 MB 806ms
799ms Image
image/jpeg 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/07/Rectangle-1287.jpg
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885a94e0f13e072c1cac958307d05a1da1dc7f21b8be360f283a34ce06e1295e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jul 2023 04:49:52 GMT
server: cloudflare
etag: "64c1f770-1a88d6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8759489a4fb82c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1738966

GET
H3 200 Group-40273.webp
noteslive.vip/wp-content/uploads/2023/07/ 3 KB
3 KB 588ms
580ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://noteslive.vip/wp-content/uploads/2023/07/Group-40273.webp
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd35b8a831b9e53e4a1faa8226375e690d2655ae4dd2356c737b98e16474ade

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jul 2023 04:52:13 GMT
server: cloudflare
etag: "64c1f7fd-aec"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8759489a4fb92c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2796

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:51:39 GMT
x-content-type-options: nosniff
age: 343773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:51:39 GMT

GET
H3 200 fa-solid-900.woff2
noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 22ms
18ms Font
font/woff2 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.21.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.21.0
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 02:08:01 GMT
server: cloudflare
age: 364086
etag: "66174601-13174"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8759489a5fbb2c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 78196

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 31ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i%7CLato%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 121628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 17:34:04 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 38ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 10:16:35 GMT
x-content-type-options: nosniff
age: 320677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 10:16:35 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 36ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 18:34:04 GMT
x-content-type-options: nosniff
age: 290828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 18:34:04 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 37ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 13:26:32 GMT
x-content-type-options: nosniff
age: 309280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 13:26:32 GMT

GET
H2 200 743752553931112 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 69ms
67ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/743752553931112?v=2.9.153&r=stable&domain=noteslive.vip&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cbd62cb9381d7660c9887bdb364a82872160009c31299cec15defa729a50d5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Apr 2024 03:21:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=65, mss=1294, tbw=63224, tp=-1, tpl=-1, uplat=61, ullat=0
pragma: public
x-fb-debug: gOyArpW6uUF4VBxWZy5vA1e/h5jNXXF6R/EHI9cxornPfd6nESg1MN9HGghTE74EzLZdi/+Anbb208zR13hj/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/20251493/ff203978-06bb-4354-9d13-4cb62c1c845d/ 14 KB
4 KB 156ms
137ms XHR
application/json 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/20251493/ff203978-06bb-4354-9d13-4cb62c1c845d/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42c1eac09e6ceeb8d579205cae4b81b8b55aeaddc2b907803b2dd14e37204aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Wed, 17 Apr 2024 03:21:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8c16bf7f-e5d3-43ff-8114-87c172214e5f
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8c16bf7f-e5d3-43ff-8114-87c172214e5f
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://noteslive.vip
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8759489aef3365d4-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-d69gq

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 343826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:50:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 40ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RE4DQ039LT&gtm=45je44f0v874100276za200&_p=1713324072000&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=391027083.1713324072&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713324072&sct=1&seg=0&dl=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&dt=Sunset%20Hospitality%20Collection&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3839
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4DQ039LT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 17 Apr 2024 03:21:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://noteslive.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
98 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MX17S4JR1K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W77JBSXK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb624b7d5764158edcad0caf25180f052cb42fcf7d9bf383e4e8f29a53dae4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Apr 2024 03:21:12 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 346 KB
111 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-327521584&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W77JBSXK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecf9b1403365e3fdb035f94afb4d33335379cc444472d9fa76f4c250cb85c18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 113667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Apr 2024 03:21:12 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11305234616/ 3 KB
2 KB 53ms
28ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11305234616/?random=1713324072171&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&label=tRxpCIKS59MYELjh4I4q&hn=www.googleadservices.com&frm=0&tiba=Sunset%20Hospitality%20Collection&did=dZTNiMT&gdid=dZTNiMT&npa=1&pscdl=noapi&auid=1816245810.1713324072&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11305234616

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

05101c075a872a7a564e9b78087af9b30ec8b00eeb67560fd0e45473487c60dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1585
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MHF0PLLHHY&gtm=45je44f0v898439239za200&_p=1713324072000&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=391027083.1713324072&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713324072&sct=1&seg=0&dl=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&dt=Sunset%20Hospitality%20Collection&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3875
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHF0PLLHHY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 17 Apr 2024 03:21:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://noteslive.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6161135984013065 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 64ms
64ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/6161135984013065?v=2.9.153&r=stable&domain=noteslive.vip&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

37975b86f4fdb264b7ca4b88a050340eea8934411599fb1ea81c5b6cc79c314d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 17 Apr 2024 03:21:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4629, tp=12, tpl=0, uplat=57, ullat=0
pragma: public
x-fb-debug: u4kvn6nUHsLy9XpSFAERYBoZQUBC2+ZZkav2GuqeNbUpd4iIurSoJXj21Kbj6R+osMIAYEMc8k3XeqJ3JKMXnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 28ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=743752553931112&ev=PageView&dl=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&rl=&if=false&ts=1713324072217&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1713324072217.116948732&ler=empty&cdl=API_unavailable&it=1713324072083&coo=false&rqm=GET

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1294, tbw=2759, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Apr 2024 03:21:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MX17S4JR1K&gtm=45je44f0v9118603362z89135183502za200&_p=1713324072000&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=391027083.1713324072&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713324072&sct=1&seg=0&dl=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&dt=Sunset%20Hospitality%20Collection&en=page_view&_fv=1&_ss=1&tfd=3922
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MX17S4JR1K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 17 Apr 2024 03:21:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://noteslive.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/11305234616/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=...
https://www.google.com/pagead/1p-conversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&u...
https://www.google.de/pagead/1p-conversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&ur...

42 B
64 B

36ms
21ms

Image
image/gif

216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&label=tRxpCIKS59MYELjh4I4q&hn=www.googleadservices.com&frm=0&tiba=Sunset%20Hospitality%20Collection&did=dZTNiMT&gdid=dZTNiMT&npa=1&pscdl=noapi&auid=1816245810.1713324072&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInILWxaXIhQMVr-MRCB2s4wgTMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vbm90ZXNsaXZlLnZpcC8&is_vtc=1&cid=CAQSGwB7FLtq_Uo6Lk_sXYc8jiHUau1XW-n2RL3Ncg&random=3145234867&ipr=y

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://noteslive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Apr 2024 03:21:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Apr 2024 03:21:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11305234616/?random=294249009&cv=11&fst=1713324072171&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&label=tRxpCIKS59MYELjh4I4q&hn=www.googleadservices.com&frm=0&tiba=Sunset%20Hospitality%20Collection&did=dZTNiMT&gdid=dZTNiMT&npa=1&pscdl=noapi&auid=1816245810.1713324072&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&fdr=SA&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMInILWxaXIhQMVr-MRCB2s4wgTMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vbm90ZXNsaXZlLnZpcC8&is_vtc=1&cid=CAQSGwB7FLtq_Uo6Lk_sXYc8jiHUau1XW-n2RL3Ncg&random=3145234867&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6161135984013065&ev=PageView&dl=https%3A%2F%2Fnoteslive.vip%2Fproperties%2Fsunsetcollection%2F&rl=&if=false&ts=1713324072285&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1713324072217.116948732&ler=empty&cdl=API_unavailable&it=1713324072083&coo=false&rqm=GET

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1294, tbw=3111, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 17 Apr 2024 03:21:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 wp-emoji-release.min.js Show response
noteslive.vip/wp-includes/js/ 18 KB
5 KB 16ms
16ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 16:37:58 GMT
server: cloudflare
age: 206091
etag: W/"6612cbe6-4926"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489d28e62c35-FRA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK api2.0 Show response
moderate.cleantalk.org/ 153 B
386 B 343ms
306ms XHR
application/json 2a01:4f8:c17:103c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/api2.0
Requested by: Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/1.1.19/ct-bot-detector.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:c17:103c::1 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c70978cae1df20cdd61cf5a07b34a6bbf7e37459f584bbf5e5b9480fa7b8546f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 17 Apr 2024 03:21:12 GMT
X-Server-IP: 2a01:4f8:c17:103c::1
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H3 304 v2.js Show response
js.hsforms.net/forms/embed/ Frame 80F0 482 KB
1 KB 16ms
15ms Script
application/javascript 104.18.142.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
If-None-Match: W/"b0047a8901d8ed9f81db3dcb5982114e"
If-Modified-Since: Wed, 03 Apr 2024 11:15:05 UTC
sec-ch-ua-platform: "Win32"

Response headers

age: 533
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=87593b9459a33735-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b0047a8901d8ed9f81db3dcb5982114e"
vary: Accept-Encoding
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5064/bundles/project-v2.js
date: Wed, 17 Apr 2024 03:21:12 GMT
x-amz-version-id: 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: cbeaa51d-1fda-4c88-83c7-ca997fd482db
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: cbeaa51d-1fda-4c88-83c7-ca997fd482db
last-modified: Wed, 03 Apr 2024 11:15:05 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dr0UT5%2Bx9vummY%2FXfQ9YzU5O%2B%2FawvMzfB3crQlkgjeau%2Bj4aiFo9d46QUBo8F1KPU6Gsigo7gOblNhHvhUbQFqpEZfFnuDNYUXwHlmpHPPg86PfvuQPOiesTsLGcQeK1"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-72bsp
cf-ray: 8759489d5d1671d3-FRA
x-amz-cf-id: ZiZvt-SIOr-HQFgHUDQRAgom4VF0wXNgtlgSrcSGLjv7fVA7aVwuGA==

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
noteslive.vip/wp-content/plugins/elementor/assets/js/ 1 KB
864 B 16ms
16ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7e0647d9420928cc3d294f452c4d94516baef58bba12b02103d01ad4242152

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 02:08:01 GMT
server: cloudflare
age: 364083
etag: W/"66174601-550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489d79012c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 accordion.8799675460c73eb48972.bundle.min.js Show response
noteslive.vip/wp-content/plugins/elementor/assets/js/ 4 KB
2 KB 15ms
15ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/plugins/elementor/assets/js/accordion.8799675460c73eb48972.bundle.min.js
Requested by: Host: noteslive.vip
URL: https://noteslive.vip/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a105f8c84f4630cf886a22569bf537db51ed4b283d407156f8fd04eb7b94300a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 14:09:03 GMT
server: cloudflare
age: 33327
etag: W/"661d34ff-e9f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8759489d79042c35-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
882 B 142ms
125ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bdf4fa11-a9c2-450a-89fd-395ea13ccd4a
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bdf4fa11-a9c2-450a-89fd-395ea13ccd4a
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-8mfdp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8759489dde252c7b-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 80F0 5 KB
715 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d754371d3a7775df0de06ed9e7837e4f46a86b55f8101d62015aba3746ab67a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Apr 2024 03:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 02:42:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Apr 2024 03:21:12 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
885 B 160ms
142ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: noteslive.vip
URL: https://noteslive.vip/properties/sunsetcollection/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 886eaebe-eaa7-4cb1-8bb7-27460ea31531
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 886eaebe-eaa7-4cb1-8bb7-27460ea31531
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-qlpqc
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8759489e09ec65d3-FRA

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ Frame 80F0 47 KB
0 44ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://noteslive.vip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 10:42:03 GMT
x-content-type-options: nosniff
age: 319149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 10:42:03 GMT

GET
H2 200 cv
adservices.brandcdn.com/pixel/ Frame 2C42 0
0 489ms
164ms Document
text/html 54.177.56.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=349448&cv_ck=d9ec18d6-b6f5-4007-9c38-d0592862ba7e&m=noteslive.vip&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.56.40 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-56-40.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://noteslive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Wed, 17 Apr 2024 03:21:13 GMT
etag: "1002-5f9d69bae4944;5f9d69bae4944
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H2 200 cv
adservices.brandcdn.com/pixel/ Frame AE9C 0
0 489ms
489ms Document
text/html 54.177.56.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adservices.brandcdn.com/pixel/cv?aid=349448&cv_ck=d9ec18d6-b6f5-4007-9c38-d0592862ba7e&m=noteslive.vip&r=
Requested by: Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.56.40 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-56-40.us-west-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://noteslive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 1137
content-location: cv.html
content-type: text/html
date: Wed, 17 Apr 2024 03:21:13 GMT
etag: "1002-5f9d69bae4944;5f9d69bae4944
last-modified: Fri, 21 Apr 2023 11:03:33 GMT
server: Apache/2.4.52 (Ubuntu)
tcn: choice
vary: negotiate,Accept-Encoding

GET
H3 200 cropped-Notes-logo-icon-01-1-32x32.png
noteslive.vip/wp-content/uploads/2022/03/ 706 B
869 B 461ms
461ms Other
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://noteslive.vip/wp-content/uploads/2022/03/cropped-Notes-logo-icon-01-1-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e00ae67979c6af7b0ad358dbdb2adf006a993fbd8cefeb22e4501823789644

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://noteslive.vip/properties/sunsetcollection/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 03:21:14 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:33:07 GMT
server: cloudflare
etag: "64c166e3-2c2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 875948a68d332c35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 706

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.noteslive.vip/	1970-01-20 19:55:25	Name: __cf_bm Value: Gcc_BYI2LJhXY99vA1gO0DrWLp5mUamKUPV.uXLai5g-1713324071-1.0.1.1-U5MPqvx_vQJMZTua.64Ax2Om1hEMcT78BuwKOdfTB5e5mj3KEVNSEPHCOTM4EK6PQL7T_6VkLniBt4vuMLL38w
.hsforms.net/	1970-01-20 19:55:25	Name: __cf_bm Value: ul9bqCj_kEhk68ggxcoby8bri4Fd8cvxyMSVRbfPoKg-1713324072-1.0.1.1-uISby8NpvymUp68591TOPNktSQNHrGs.yEgNl_9KTpDlPbCzcI62cTZcp_gQlkSerEBkGs4vAKDdZ3y0.mt3hw
.noteslive.vip/	1970-01-21 05:31:24	Name: _ga_RE4DQ039LT Value: GS1.1.1713324072.1.0.1713324072.0.0.0
.noteslive.vip/	1970-01-21 05:31:24	Name: _ga Value: GA1.1.391027083.1713324072
.noteslive.vip/	1970-01-20 22:05:00	Name: _gcl_au Value: 1.1.1816245810.1713324072
.noteslive.vip/	1970-01-21 05:31:24	Name: _ga_MHF0PLLHHY Value: GS1.1.1713324072.1.0.1713324072.0.0.0
.noteslive.vip/	1970-01-20 22:05:00	Name: _fbp Value: fb.1.1713324072217.116948732
.noteslive.vip/	1970-01-21 05:31:24	Name: _ga_MX17S4JR1K Value: GS1.1.1713324072.1.0.1713324072.0.0.0
.doubleclick.net/	1970-01-20 19:55:24	Name: test_cookie Value: CheckForPermission
.hsforms.com/	1970-01-20 19:55:25	Name: __cf_bm Value: ZiRlDuU2Ahh.hfznQO5MvnSouiU_ZxdTPP3E9bJExPQ-1713324072-1.0.1.1-8sO06jHqj849MVdhuY_5dN1jOfxyK2of_u8YMKw9kOZczaZBXkS3xDib8dyhkUjHST78Z9veOpXzLosakThDxQ
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3vdZxYQG7UK8loTH4nN3_HVYdolu3gEdbuPwiNj7XWg-1713324072778-0.0.1.1-604800000
noteslive.vip/	1970-01-21 04:41:00	Name: brandcdn_uid Value: d9ec18d6-b6f5-4007-9c38-d0592862ba7e
adservices.brandcdn.com/	1970-01-21 04:41:00	Name: brandcdn_uid Value: d9ec18d6-b6f5-4007-9c38-d0592862ba7e
adservices.brandcdn.com/	1970-01-20 20:05:28	Name: AWSALBCORS Value: U20VB51IkF65OWcBMtXQY9tzLi1kc5Csea4lMCGVaHlVSwVHG8JJ91dZXlLGrEmfScM52P4QKs3jIW2s/UULKQeTX5FyXv5xVrUSCFiwwHI0iVDhRXOokxiA7s3E

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/743752553931112?v=2.9.153&r=stable&domain=noteslive.vip&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://noteslive.vip/properties/sunsetcollection/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservices.brandcdn.com
cdnjs.cloudflare.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.hsforms.net
moderate.cleantalk.org
moderate9-v4.cleantalk.org
noteslive.vip
region1.google-analytics.com
sunsetownersclub.com
tag.brandcdn.com
unpkg.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.17.24.14
104.18.142.119
104.18.80.204
104.19.175.188
141.193.213.10
142.250.185.194
157.240.252.13
172.217.16.194
172.217.16.196
18.66.186.148
2001:4860:4802:32::36
216.58.206.35
2600:9000:225e:1600:7:e536:8b00:93a1
2606:4700::6811:f5cb
2a00:1450:4001:80e::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2008
2a01:4f8:c17:103c::1
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.33.152.147
35.71.131.137
51.81.55.251
52.223.40.198
54.177.56.40
05101c075a872a7a564e9b78087af9b30ec8b00eeb67560fd0e45473487c60dc
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
0ad7a6ea9e76cd71a2d9f58f947e3da89eeef57912d186c6df26c20f96f18132
0bc32c16a963f587d3d0d69da37f1ddf1269221fc7df0907f420624614ab2963
0c946e6fbc260b4d76da35ae6c0846dc47345e31c838f1ed5bf84bd9066401f0
14b042ee2dd1c20535bb4906e3d51aff57f7b80dd287dcd070e5312b3b318093
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1bd35b8a831b9e53e4a1faa8226375e690d2655ae4dd2356c737b98e16474ade
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1fc0b0b37e65e4471aac871b109135b7c08c2f6d5418577553128741bda5a9d5
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
25ca7abf6b5b9becd0676818fde2d3b374badcff7867f95dbcbfebeac59a24c0
2a10ab2828a2618f138f34578efa80307b551fa2c318bbd3085622518fe89588
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
37975b86f4fdb264b7ca4b88a050340eea8934411599fb1ea81c5b6cc79c314d
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
383fc0a2c8d9b1c598523d56e3e6c24522a86a4cf8808410b8182476e4607971
3d5a00e566b182d56ec3d8d32c34be296634f20333811caa7affd90c8dd2b9b2
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f2c1f098f7a28dbab913d292da562c06b45d6495ec9a60e6cbc6b99564ef5e4
4ff079893cbfe8eebd0d49b7c8bcbeba131173b3e0da0e13210ad611869e0e36
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58e01410e25acbbd6777bd634d1bb085b09b69c86a5da48de83b8c52c9a5d883
5a62747da3f31e2aaf8c74b21e28893d57a6601d152d109f915dcd0387152bbc
5b84c4b766d4eccc89786e31780963387c8f1124d2040fc0d757a37ac02f4f22
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5cbd62cb9381d7660c9887bdb364a82872160009c31299cec15defa729a50d5e
5d754371d3a7775df0de06ed9e7837e4f46a86b55f8101d62015aba3746ab67a
67ac597bed179b5842d996fad80472c6b9514edde408ade8b892161bcf9e9c88
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f35273b8502706ee06854d797337ab40bc1b3a7421960a2ceb5392ac85a0f54
7bfddafd9c981f2277a76f7f0613a3146343bd66777a26e9c7c1097d9a148741
7d8bc5e59ebb8f4c3f335b2db8008553c3f88599c67eba2fb5d2f35fd0ab2e59
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
885a94e0f13e072c1cac958307d05a1da1dc7f21b8be360f283a34ce06e1295e
887040d844e8fe5e6794e6de88e54238db586f416d853fa4293bfa51d20d44ba
88a55f2f63b0693a5e880094799388b608eb0a80f666a7e8460f2ac82e7b3da5
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
969e71d2c58889efb61cd106846e486fd055c9e94c3ad19ca545fce0ea709e1f
a105f8c84f4630cf886a22569bf537db51ed4b283d407156f8fd04eb7b94300a
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a80d4f393fe6858d03fa840c5c30179e3c0497923fa72ac7178e9f3039811f94
aaf08be6ae4ed211293a6d4280e2d052e1f332eb0066a0dc0192fd8a3a9f39d2
abeffbea799bfe76da3333b156daf8d7f1aab02ce4210efdfd73e265941412b3
b2e00ae67979c6af7b0ad358dbdb2adf006a993fbd8cefeb22e4501823789644
b35b7a047b0b9fe81847eb415079eeae347f19cab08236746b5839897440eb8d
b3d01bdc432ba8b685dbe0741f084da14b2d706938734242ed1b7585bbe07d4e
b6609c0152be15344bf8617a2da561d98d8d061136753fcb9e9765a1d9b4a7c9
b9d7b8f5404018a17132e52fa513993588f08d5b73899ac08f23793546cbe3ce
baa63a55c0eff28356fa3cdf2a5cdc05fe67f8729e82a5e9a04faeba1c0d9648
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bc9ce60ecd8ad81f4255baec05cee96d4a32f484f1cc6975e11ac87a5de667f2
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
be18e6049924d017a996ef614140feb39fbffdbf25e5ed65576d22c18cda6a2c
bf9a7db0abd9b375ac54148d627c53f22bc3f339a02e033824f72c685f6b7678
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2be9ab417d9ce189a79d3fa0d2e543bc13c22b0687af9b7594301b3d0439bd3
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c70978cae1df20cdd61cf5a07b34a6bbf7e37459f584bbf5e5b9480fa7b8546f
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf4c87fd61a95d81d4b2e8b84b520512d53fad1deeccde1581af72330e966af
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce7e0647d9420928cc3d294f452c4d94516baef58bba12b02103d01ad4242152
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d7ea7d4a302f9b992ce65d4c6a615c0b995b5ce4aab2be3ecd84a46d9412a51f
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
da96b12617ce83e0562918004b9bc04f8403a87c004a7c8558260037aaf4e8c0
dbbd735fd657af996e065eac67ae2842e3bff3f8c47d57d97dc3dd5e23dd85c1
dcbc06b113673514f9ae310f4b5fa431720372fcf4e9b8473a888c300c9509f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c1eac09e6ceeb8d579205cae4b81b8b55aeaddc2b907803b2dd14e37204aa
e70e9a94ba85c4c49cf03cb6addf2deb658da1880617ec7b4952c2ffb13d660c
e9f4a09a28dc6e0a980890ca515b704435e8d17b0ed321e5dd1c0ce5619cbd37
eb624b7d5764158edcad0caf25180f052cb42fcf7d9bf383e4e8f29a53dae4c8
ebd07e134eaa69ff679725da56a465facafc8a09c61ef8bf42ceead8f79f6562
ecf9b1403365e3fdb035f94afb4d33335379cc444472d9fa76f4c250cb85c18b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9a9329601265904d54c430182763d17b07563554581039a81ccd75dc74562a1
fafc4160788beca657ec3e3041976281fb6d54a0e82bb4d22a433f7c6bb8b1d6
fd842f89e2bd55034a8c3c63f289619df49270681112e23ec4b42e45e5a63f8a

noteslive.vip Open in urlscan Pro 141.193.213.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

97 %HTTPS

36 %IPv6

20 Domains

23 Subdomains

22 IPs

3 Countries

5036 kBTransfer

9091 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

noteslive.vip Open in urlscan Pro
141.193.213.10 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

97 %
HTTPS

36 %
IPv6

20
Domains

23
Subdomains

22
IPs

3
Countries

5036 kB
Transfer

9091 kB
Size

14
Cookies

107 HTTP transactions
0 data transactions