urlscan.io logo urlscan.io
SecurityTrails logo

onotepad.com Open in urlscan Pro
2606:4700:3036::681c:325  Public Scan

Go To Rescan Add Verdict Report
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Submission: On December 26 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 8 countries across 19 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3036::681c:325, located in United States and belongs to CLOUDFLARENET, US. The main domain is onotepad.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time onotepad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2606:4700:3036::681c:325 (United States)

ASN13335 (CLOUDFLARENET, US)
onotepad.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
4    65.9.68.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
cdn.anotepad.com
1    2606:4700:3036::6812:2c38 (United States)

ASN13335 (CLOUDFLARENET, US)
pngimage.net
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
1    198.148.27.133 (New York, United States)

ASN19189 (PULSEPOINT, US)
tag.contextweb.com
1    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    2a02:26f0:6c00::210:ba0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    51.89.9.254 (Germany)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
10 onotepad.com onotepad.com
7 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
4 cdn.anotepad.com onotepad.com
cdn.anotepad.com
3 ajax.googleapis.com ajax.cloudflare.com
3 maxcdn.bootstrapcdn.com onotepad.com
ajax.cloudflare.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 fonts.gstatic.com fonts.googleapis.com
1 spl.zeotap.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 ww1097.smartadserver.com 1 redirects
1 tag.contextweb.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 www.googletagmanager.com ajax.cloudflare.com
1 fonts.googleapis.com onotepad.com
1 ajax.cloudflare.com onotepad.com
1 pngimage.net onotepad.com
1 cdnjs.cloudflare.com onotepad.com
0 id5-sync.com Failed
45 21

This site contains links to these domains. Also see Links.

Domain
mydomainscan.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.anotepad.com
Amazon		 2020-03-16 -
2021-04-16		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-17 -
2021-02-14		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2020-09-11 -
2021-09-12		 a year crt.sh
onetag-sys.com
Let's Encrypt Authority X3		 2020-11-02 -
2021-01-31		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://onotepad.com/note/vlaktpo6uyi/1030244
Frame ID: 8A9685DAAD5BEE06B2D0FE0319405A49
Requests: 42 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1608971011696
Frame ID: D1F8F403AD96E45A9C8401F40DE39578
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 8808BCEAC9522BADC069E5A70E0B78C1
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?id=MTIZ
Frame ID: 8EB59682E5FA81D96C99B245EABED1FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

45
Requests

98 %
HTTPS

65 %
IPv6

19
Domains

21
Subdomains

20
IPs

8
Countries

417 kB
Transfer

1350 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 42
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/8/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/8/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/8/2.gif?puid=76ab48178ec7e98baacde49303e25fd6&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/7/3.gif?puid=31397b4a-0ad4-434b-a249-409c3a8a6447&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/6/4.gif?puid=a3fe6cf1-4753-11eb-9573-128f1f307cee&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/5/5.gif?puid=e8a41f3b6f9de764d5a3eacbcb20ba67&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F4%2F6.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/106/4/6.gif?puid=05af220302d78eccb2a50f79&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/112/3/7.gif?puid=${UIPID}&gdpr=1&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACYIU6_zeYAABD9bAn7Dg

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1030244
onotepad.com/note/vlaktpo6uyi/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d455df66b848f140a80f35c72223a4cbac2b4d3da10e80d1f13ed329cd4b6d37

Request headers

:method
GET
:authority
onotepad.com
:scheme
https
:path
/note/vlaktpo6uyi/1030244
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7c457f605e718dbc71737cb16c7192ff1608971011; expires=Mon, 25-Jan-21 08:23:31 GMT; path=/; domain=.onotepad.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
073fbe5bd300000eaf560f0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tbhx434AideDNq8l%2BTP8vmZDg9p5yMiNwtimsgB2aXGtPRbvdEkokvKi8kMHsgIBjJHAZi1T%2BNPDEhspmGU5fYX3lxiz6Pqx541uZ4n5dom7wzP8t4QeyJM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60796672eb6e0eaf-FRA
content-encoding
br
bootstrap.min.css
onotepad.com/css/ 		138 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/bootstrap.min.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
168556
cf-request-id
073fbe5d3500000eaf71aa0000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DoRIpNKMijlAIzsye2Sj%2Bfff1EQLpUz5%2FLwV1qL2x0rV5yl4Qxs1VbswGbafnuipxZtL2ESGWCXMT4I0bC3X6yByBmKXqrw8v6g1BgHNwtMGc1apdOyHEYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e900eaf-FRA
expires
Thu, 31 Dec 2020 09:34:15 GMT
line-icons.css
onotepad.com/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/line-icons.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13eb35473cda9fccb3e1494efcba7a63f8a85345b51db8e7e2e131b61ea45cc

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
525766
cf-polished
origSize=14828
cf-bgj
minify
cf-request-id
073fbe5d3500000eaf1c05a000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uo0xx3%2BFmEs0yz6CveaRIgdyLNegjE5mDQvCMsjAhhjAqkKJobXVD1bbCStmhmY2zVS9nIF%2FUnpoIJy97uPBjSqGWIb2ICQe3GInj74Y4rs9T2aLE%2BFiqfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e920eaf-FRA
expires
Sun, 27 Dec 2020 06:20:45 GMT
owl.carousel.css
onotepad.com/css/ 		1 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/owl.carousel.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64e3acf8069f6c79c2cee38cba6d1d5680687e41a87f4e3272493f667f7d6f4

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
168556
cf-polished
origSize=2404
cf-bgj
minify
cf-request-id
073fbe5d3600000eaf40a85000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JEU2YkkR9jKCEB4DQ9DPfm5il%2B6eS0ij2NzJrWFcrNkb65x%2Br1LWeRm3WwMMXogPl21P6HLzUU7ewJ6zRA7KN95lFyhH32GZB4%2FACzqcs1B3R%2BtBtQyf5dQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e940eaf-FRA
expires
Thu, 31 Dec 2020 09:34:15 GMT
owl.theme.css
onotepad.com/css/ 		1 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/owl.theme.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b178ee68bac541f00e44b6adc26f866045c3921e844e218e309ad41029d7361f

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
168556
cf-polished
origSize=1666
cf-bgj
minify
cf-request-id
073fbe5d3600000eaf8e843000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q1edPEf8GT7lA2XrqRAzMljJPJSsXUYOPCAtx8xEJ58hYBLoN1990TSAKA%2Bnm2ZAZiB%2F3GLHr2eAqrpQhT07AErSe5fzCvvzN1%2BHGkb7oAI5raQswxM8xMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e960eaf-FRA
expires
Thu, 31 Dec 2020 09:34:15 GMT
animate.css
onotepad.com/css/ 		55 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/animate.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
168556
cf-polished
origSize=69727
cf-bgj
minify
cf-request-id
073fbe5d3600000eaf50062000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O4XecphIabKmGgecsdH7Rj8DDY8X9PuSG%2Fwu6RXtfmB3RKLmW9yuk%2Fzf2EzCFvlwT02d%2B6ymjqK6y6R%2Bqkp5K5cnN9xDlUQhHCKQffRclpXkkW9i%2B5OZKGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e970eaf-FRA
expires
Thu, 31 Dec 2020 09:34:15 GMT
magnific-popup.css
onotepad.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/magnific-popup.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
525766
cf-polished
origSize=7302
cf-bgj
minify
cf-request-id
073fbe5d3700000eaf90a7a000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9AaQwgfwnKTzUyFbkF5%2BYt32PZGsbwGDfj8HjPwUDhI3xkJ5RD2N96Fh8UIAvX%2B%2BdfQGL6BO9YmdBiXTULrBSV%2BxmXGriaQ4u5B6%2F%2Ba7GEcy%2BMUT31Mq1Ao%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e980eaf-FRA
expires
Sun, 27 Dec 2020 06:20:45 GMT
nivo-lightbox.css
onotepad.com/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/nivo-lightbox.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a820955bec8f3d7454ee14edd2f40181c69c41e2f546b7ab1e5afb6e42b832a6

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
525766
cf-polished
origSize=5772
cf-bgj
minify
cf-request-id
073fbe5d3700000eaf1706e000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mWTLDi4zG32t%2F84um%2B9Uc6N7LuU75D2xZedyaiczx7EoCttBKM%2FUBJ48R5GnNX6iO4Q55y7wTQZng2Fl5Li6j9nllCNC1EdgYc%2B%2BP%2F%2B8YTUym8E5WAtjyL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e990eaf-FRA
expires
Sun, 27 Dec 2020 06:20:45 GMT
main.css
onotepad.com/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/main.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3646f6f0a22ef57c7d238ce1c443606c84376ff3f316fb0f44e976d71d604307

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
525766
cf-polished
origSize=48211
cf-bgj
minify
cf-request-id
073fbe5d3700000eaf4d110000000001
last-modified
Tue, 05 Nov 2019 03:10:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2p%2FoOfqplxirLTta7meCpS4Sal%2BXbNXCzCXTLALeElAjqsdrRUUuGi97q6zhRLR%2Fx3130USrPvBYfUWtvyXK%2FwuNZB11yQ6fYSBEuZ9VZR8w3rtAiXlipRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e9a0eaf-FRA
expires
Sun, 27 Dec 2020 06:20:45 GMT
responsive.css
onotepad.com/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onotepad.com/css/responsive.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954771cbc3fb955a8b5276f2c7fb4534305896de0ea3c421049be9b198f07365

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
168556
cf-polished
origSize=9107
cf-bgj
minify
cf-request-id
073fbe5d3f00000eaf56104000000001
last-modified
Tue, 05 Nov 2019 03:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5TfS8dECJlMSD%2BD8kBdZYjlXzb5iOesfCDe2LUmyiPhpeSoQFlE%2ByCEE2OlANqbrgMjg3uMCFHmVgtVcHycIPrJAEL8eIxm8NSjJLD14SWytfOKlrANh5%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
607966752e9c0eaf-FRA
expires
Thu, 31 Dec 2020 09:34:15 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
43015
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
5631
cf-request-id
073fbe5d4200004a9712953000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q89NPwPL%2F5V9ba2WWVZIZH6mg%2F3DiAP6TfA%2Fwu7dXxsls20ol%2FllXcqCHfBxKLuylMMNgOQ2twz3NcfMtp32r4b%2FVWnQWY2%2FbZ9c8iuNAiBdiAZLDuL5%2FX%2B9QgGemN5XAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
60796675392d4a97-FRA
expires
Thu, 16 Dec 2021 08:23:31 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://onotepad.com
Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://onotepad.com
Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2776
site-css
cdn.anotepad.com/bundles/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.anotepad.com/bundles/site-css?v=AIVj9wmKxIywoY-neyK9aJb6ZmrzAV-16QI7OM6zx-s1
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
441dfbf2d6e7e8ce0dd1fc034012a2da2a814b9d1423382de5a2c703afe66ebd

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 22:49:44 GMT
content-encoding
gzip
last-modified
Tue, 17 Nov 2020 22:49:45 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
age
3317625
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
a1eQaVaw_LfGqyTBxmfQ8rr_XnGtAyKuJCUDiOtH46OpZUZd2NEYCA==
expires
Wed, 17 Nov 2021 22:49:45 GMT
notepad-logo-png-1.png
pngimage.net/wp-content/uploads/2018/06/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pngimage.net/wp-content/uploads/2018/06/notepad-logo-png-1.png
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2c38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02471c3b2173674e75b1afccff315c2d7432768d70af4f4e206931010df29d0

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6728
content-length
51206
cf-request-id
073fbe5d450000061491a2e000000001
last-modified
Sat, 20 Jun 2020 15:35:52 GMT
server
cloudflare
etag
"c806-5a885c3c77255"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h2lGiEoZhK7UzbNE%2F07hYHR9764VSaaRFpLERT8JofrbJRANJzHBD4kyNJkGnX5bzcgSEHlS5bqji%2Bd9Wt0yNZ8tSYDQtyqW34RTLGCYIjRx489uSQ8ghyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
607966753d780614-FRA
badge_applestore.png
cdn.anotepad.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/badge_applestore.png
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 23 Dec 2020 20:00:16 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
etag
"82bdb9576c9d51:0"
last-modified
Sun, 12 Jan 2020 18:32:03 GMT
server
Microsoft-IIS/8.5
age
217393
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3050
x-amz-cf-id
Lv-Fb9LWRkIWVMnE9J-JoyVKr3x1ig9Uh4a6IcF7w4A3j_N9r9X6rQ==
badge_playstore.png
cdn.anotepad.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/images/badge_playstore.png
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 07:09:04 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified
Sun, 12 Jan 2020 18:32:03 GMT
server
Microsoft-IIS/8.5
age
4570
x-powered-by
ASP.NET
etag
"bf8eda9576c9d51:0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3709
x-amz-cf-id
iPz_2CGTfFiUXEsrJngqQq2xR1hSBKWzumSAZ2tGPweaKt-RWiDGSQ==
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: onotepad.com
URL: https://onotepad.com/note/vlaktpo6uyi/1030244
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
073fbe5d3600001f41659a6000000001
last-modified
Thu, 17 Dec 2020 18:39:38 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fdba5ea-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=goKSaDcH6FOP%2BKudTlLK5B4GQJLcU4Ws%2FPoe8wHJDDlq5jkFAfGVas58Kzxswlp295%2FOKW1VTVTo3p8kuGSoku%2B2CkItnmoIJ1enQW4o%2BMSham1cdzxI%2BbhWVP5viUJL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6079667529541f41-FRA
expires
Mon, 28 Dec 2020 08:23:31 GMT
css
fonts.googleapis.com/ 		4 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600|Roboto
Requested by
Host: onotepad.com
URL: https://onotepad.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f2e44e27922c5b68c16723d2e640904f56c1e9080c7de98c9f93aa713ea7abd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onotepad.com/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Dec 2020 08:23:31 GMT
server
ESF
date
Sat, 26 Dec 2020 08:23:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Dec 2020 08:23:31 GMT
folder.png
cdn.anotepad.com/Images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.anotepad.com/Images/folder.png
Requested by
Host: cdn.anotepad.com
URL: https://cdn.anotepad.com/bundles/site-css?v=AIVj9wmKxIywoY-neyK9aJb6ZmrzAV-16QI7OM6zx-s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3f4199dd8e5efa85f97883c7da666ab58f585f9b1c741b76f83b725c31e74bd2

Request headers

Referer
https://cdn.anotepad.com/bundles/site-css?v=AIVj9wmKxIywoY-neyK9aJb6ZmrzAV-16QI7OM6zx-s1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Dec 2020 16:21:30 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified
Wed, 15 Sep 2010 07:46:24 GMT
server
Microsoft-IIS/8.5
age
576119
x-powered-by
ASP.NET
etag
"0485b18aa54cb1:0"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
1884
x-amz-cf-id
yW24VX-mM_8Zn00iQivgYRt7zGzxDak-Qkg50bmWe2oO1nN3H-573A==
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://onotepad.com
Referer
https://fonts.googleapis.com/css?family=Poppins:400,600|Roboto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 17:20:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
313386
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 22 Dec 2021 17:20:25 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://onotepad.com
Referer
https://fonts.googleapis.com/css?family=Poppins:400,600|Roboto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Dec 2020 15:47:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
59773
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Sat, 25 Dec 2021 15:47:18 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 07:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3102
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64481
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Dec 2021 07:31:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 07:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3102
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Dec 2021 07:31:49 GMT
requestform.js
ads.themoneytizer.com/s/ 		261 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=56659&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
eb65dc5a0c6098b5b4bde3b012a485b52d8a4b5e5958b08cdcd806a763a5f21b

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
211
expires
Sun, 27 Dec 2020 08:23:31 GMT
gen.js
ads.themoneytizer.com/s/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
df8c0a338715a333687f5a25f14e5baedc7781aed18495b55a693734fed62e3b

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
3356
expires
Sun, 27 Dec 2020 08:22:57 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 06:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6808
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Dec 2021 06:30:03 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-134987322-5
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c45dad7a996f10bb09ade6e31366835194e1b5ce8a4c902ced5f2b300aa8a6f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39021
x-xss-protection
0
last-modified
Sat, 26 Dec 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 26 Dec 2020 08:23:31 GMT
requestform.js
ads.themoneytizer.com/s/ 		260 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=56659&formatId=6
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
cfba43a9c23f165afb3ee8eef520fe5852e208a3d8d93aaa36f9438dc2345a8d

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
210
expires
Sun, 27 Dec 2020 08:23:31 GMT
gen.js
ads.themoneytizer.com/s/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
df8c0a338715a333687f5a25f14e5baedc7781aed18495b55a693734fed62e3b

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
content-length
3356
expires
Sun, 27 Dec 2020 08:22:35 GMT
/
g.themoneytizer.net/g/ 		26 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
dd62a18699d0f8d6f1cc0bfde2252c82b3fa16b63a4c12e875db57354fb633ec

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Dec 2020 08:23:31 GMT
Server
nginx
X-IPLB-Request-ID
D98AC71C:2F46_91EFC191:01BB_5FE6F303_6FD3978:25376
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
16267
expires
Sun, 27 Dec 2020 08:22:59 GMT
getjs.static.js
tag.contextweb.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
x-envoy-upstream-service-time
2
server
envoy
content-length
10423
content-type
application/x-javascript; charset=utf-8
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6e8c871975be29bb26543d00cd18fa047e4b4375c0f5618d29be2d6d3be67386

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Dec 2020 08:23:31 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Nov 2020 10:03:04 GMT
Server
AkamaiNetStorage
ETag
"adbdf97f38751662c160738a7d673f87:1605002589.581548"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9998

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Sat, 26 Dec 2020 08:23:31 GMT
content-length
0
sync
gum.criteo.com/ 		49 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 26 Dec 2020 08:23:30 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
780
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7438f67555b8caa3a0a6f5d41b9508499b62f181ae504364661b2a52e500363b

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Dec 2020 08:23:31 GMT
Last-Modified
Mon, 14 Dec 2020 17:31:01 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
D98AC71C:9B16_91EFC0A6:01BB_5FE6F303_1E4038B3:11285
ETag
"5fd7a155-dfd"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3581
/
onetag-sys.com/usync/ Frame D1F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1608971011696
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.254 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1608971011696
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://onotepad.com/note/vlaktpo6uyi/1030244
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://onotepad.com/note/vlaktpo6uyi/1030244

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
/
spl.zeotap.com/ Frame 8808 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://onotepad.com/note/vlaktpo6uyi/1030244
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://onotepad.com/note/vlaktpo6uyi/1030244

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-type
text/html
set-cookie
__cfduid=d314dfd29d592e0b1cb5b31e6383ac34f1608971011; expires=Mon, 25-Jan-21 08:23:31 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=4ee06bd2-ff32-4fdd-7a51-801c8efa8b9b; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%0Dc%A4%E7X%0C%21%B6%80%A1%24%DE%18%C5%CC%94%27%EEim%B21%1FY%B6M8%26%CFxn%02F%09%CE%0A%0B%D7Jy%09%B4%EA%C0%DEt%23%BD%F2%DAZ%29%23+h%FEll%E1%05U8%7B%FA%BD%25X%25%CE%0A%CB%BE%BF%1CF5.%B5%D0f%18%DF%94%D7%C7%CC_%3B%09r%81%5E%60%F4G%DC%FF%0C%90%F7%C9%89%A8%C2%ED; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://onotepad.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
073fbe5e800000c2819d9d3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
607966773c4ec281-FRA
content-encoding
br
requestform3.js
ads.themoneytizer.com/s/ 		46 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=56659&formatId=6
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=56659&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
863306a1a234d4b9b625d98ed21303013a41cddb7e8d8d893d985ed93f4afeaf

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
expires
Sun, 27 Dec 2020 08:23:31 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134987322-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5604
date
Sat, 26 Dec 2020 06:50:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 26 Dec 2020 08:50:07 GMT
requestform3.js
ads.themoneytizer.com/s/ 		48 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=56659&formatId=28
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=56659&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
d78ae51c50ccc7ee9bb5a8f8a6b296635182b787a49dc4ad4c6f8b1aa0b5ccec

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
accept-ranges
bytes
expires
Sun, 27 Dec 2020 08:23:31 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://onotepad.com
Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 08:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
collect
www.google-analytics.com/j/ 		1 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1246201693&t=pageview&_s=1&dl=https%3A%2F%2Fonotepad.com%2Fnote%2Fvlaktpo6uyi%2F1030244&ul=en-us&de=UTF-8&dt=Online%20Notepad%20-%20free%20at%20Onotepad.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1787228213&gjid=1654616708&cid=1356369122.1608971012&tid=UA-134987322-5&_gid=876959486.1608971012&_r=1&gtm=2oubu0&z=2062332239
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Dec 2020 08:23:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onotepad.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/8/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/8/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/8/2.gif?puid=76ab48178ec7e98baacde49303e25fd6&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/7/3.gif?puid=31397b4a-0ad4-434b-a249-409c3a8a6447&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
  • https://id5-sync.com/c/12/108/6/4.gif?puid=a3fe6cf1-4753-11eb-9573-128f1f307cee&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F5%2F5.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/5/5.gif?puid=e8a41f3b6f9de764d5a3eacbcb20ba67&gdpr=1&gdpr_consent=
  • https://sync.adotmob.com/cookie/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F106%2F4%2F6.gif%3Fpuid%3D%7Bamob_user_id%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/106/4/6.gif?puid=05af220302d78eccb2a50f79&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/112/3/7.gif?puid=${UIPID}&gdpr=1&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACYIU6_zeYAABD9bAn7Dg
0
0
wckr.php
tag.leadplace.fr/ Frame 8EB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://onotepad.com/note/vlaktpo6uyi/1030244
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://onotepad.com/note/vlaktpo6uyi/1030244

Response headers

Server
nginx/1.14.2
Date
Sat, 26 Dec 2020 08:23:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Request-ID
D98AC71C:9B16_91EFC0A6:01BB_5FE6F303_1E4038BF:11285
X-IPLB-Instance
30196

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACYIU6_zeYAABD9bAn7Dg

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __cfQR function| confiantWrap number| themoneytizer_async object| geo object| node object| eucountries object| sas object| generic function| criteoCallback object| criteo_gum object| pwidget_config object| iframe function| loadScriptTemelio function| whenFormatFctDefined function| whenDefined object| s object| x function| gtag object| dataLayer object| google_tag_manager function| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga function| MobileDetect object| md object| gaplugins object| gaGlobal object| gaData object| jQuery111305314027885712449 boolean| __cfRLUnblockHandlers string| moneytizergeo object| libJsLeadPlace object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| pp

1 Cookies

Domain/Path Name / Value
.onotepad.com/ Name: __cfduid
Value: d7c457f605e718dbc71737cb16c7192ff1608971011

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
ajax.cloudflare.com
ajax.googleapis.com
cdn.anotepad.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
id5-sync.com
maxcdn.bootstrapcdn.com
onetag-sys.com
onotepad.com
pngimage.net
spl.zeotap.com
tag.contextweb.com
tag.leadplace.fr
ww1097.smartadserver.com
www.google-analytics.com
www.googletagmanager.com
id5-sync.com
145.239.192.166
145.239.193.145
151.139.241.23
185.86.137.17
198.148.27.133
2001:4de0:ac19::1:b:2a
2606:4700:10::6816:1957
2606:4700:3036::6812:2c38
2606:4700:3036::681c:325
2606:4700::6810:135e
2606:4700::6810:a723
2a00:1450:4001:801::200a
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81e::2003
2a02:2638:1::13
2a02:26f0:6c00::210:ba0b
51.89.9.254
65.9.68.54
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
3646f6f0a22ef57c7d238ce1c443606c84376ff3f316fb0f44e976d71d604307
3f4199dd8e5efa85f97883c7da666ab58f585f9b1c741b76f83b725c31e74bd2
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
441dfbf2d6e7e8ce0dd1fc034012a2da2a814b9d1423382de5a2c703afe66ebd
4f2e44e27922c5b68c16723d2e640904f56c1e9080c7de98c9f93aa713ea7abd
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea
6e8c871975be29bb26543d00cd18fa047e4b4375c0f5618d29be2d6d3be67386
7438f67555b8caa3a0a6f5d41b9508499b62f181ae504364661b2a52e500363b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b95feb0faa8a803225604b1353755447550ce19b3b167143402a44aba46e011
7f9164a13476744c911fea7dbab9a2924750f69f82ec1d51d2a09e64638952c0
863306a1a234d4b9b625d98ed21303013a41cddb7e8d8d893d985ed93f4afeaf
954771cbc3fb955a8b5276f2c7fb4534305896de0ea3c421049be9b198f07365
a02471c3b2173674e75b1afccff315c2d7432768d70af4f4e206931010df29d0
a820955bec8f3d7454ee14edd2f40181c69c41e2f546b7ab1e5afb6e42b832a6
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b13eb35473cda9fccb3e1494efcba7a63f8a85345b51db8e7e2e131b61ea45cc
b178ee68bac541f00e44b6adc26f866045c3921e844e218e309ad41029d7361f
c45dad7a996f10bb09ade6e31366835194e1b5ce8a4c902ced5f2b300aa8a6f7
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
cfba43a9c23f165afb3ee8eef520fe5852e208a3d8d93aaa36f9438dc2345a8d
d455df66b848f140a80f35c72223a4cbac2b4d3da10e80d1f13ed329cd4b6d37
d78ae51c50ccc7ee9bb5a8f8a6b296635182b787a49dc4ad4c6f8b1aa0b5ccec
dd62a18699d0f8d6f1cc0bfde2252c82b3fa16b63a4c12e875db57354fb633ec
df8c0a338715a333687f5a25f14e5baedc7781aed18495b55a693734fed62e3b
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb65dc5a0c6098b5b4bde3b012a485b52d8a4b5e5958b08cdcd806a763a5f21b
f45f42097ab97da2bd3034f5f7331e2283a38f7147638825cd71912fe8dcbbb6
f64e3acf8069f6c79c2cee38cba6d1d5680687e41a87f4e3272493f667f7d6f4
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c