urlscan.io logo urlscan.io
SecurityTrails logo

notepad-setup.top Open in urlscan Pro
2606:4700:3030::ac43:d8e8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://notepad-setup.top/
Effective URL: https://notepad-setup.top/
Submission Tags: falconsandbox
Submission: On January 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 6 countries across 35 domains to perform 135 HTTP transactions. The main IP is 2606:4700:3030::ac43:d8e8, located in United States and belongs to CLOUDFLARENET, US. The main domain is notepad-setup.top.
TLS certificate: Issued by GTS CA 1P5 on January 25th 2023. Valid for: 3 months.
This is the only time notepad-setup.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 2606:4700:303... 13335 (CLOUDFLAR...)
12 185.59.220.194 60068 (CDN77 ^_^)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.42 16509 (AMAZON-02)
5 13.224.195.78 16509 (AMAZON-02)
1 52.33.28.104 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 52.213.179.146 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 13.225.78.36 16509 (AMAZON-02)
1 2.19.44.144 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 13.225.78.86 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 13.224.189.97 16509 (AMAZON-02)
2 13.225.78.107 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 162.19.138.117 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
13 2600:9000:20e... 16509 (AMAZON-02)
3 162.19.138.116 16276 (OVH)
4 2600:1901:0:4... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:20e... 16509 (AMAZON-02)
1 52.29.218.170 16509 (AMAZON-02)
1 104.18.33.19 13335 (CLOUDFLAR...)
1 35.157.0.151 16509 (AMAZON-02)
1 37.252.171.52 29990 (ASN-APPNEX)
1 2600:1901:0:d... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 52.213.21.133 16509 (AMAZON-02)
2 15.197.193.217 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
1 172.64.151.162 13335 (CLOUDFLAR...)
2 104.109.78.125 16625 (AKAMAI-AS)
1 7 69.173.144.138 26667 (RUBICONPR...)
2 3 52.46.151.131 16509 (AMAZON-02)
1 72.251.241.196 32475 (SINGLEHOP...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 1 3.67.159.22 16509 (AMAZON-02)
1 1 3.65.84.173 16509 (AMAZON-02)
135 45
28    2606:4700:3030::ac43:d8e8 (United States)

ASN13335 (CLOUDFLARENET, US)
notepad-setup.top
12    185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-59-220-194.bunnyinfra.net
static1.makeuseofimages.com
static0.makeuseofimages.com
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net
cdn.viglink.com
5    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    52.33.28.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-28-104.us-west-2.compute.amazonaws.com
seg.ad.gt
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    52.213.179.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-179-146.eu-west-1.compute.amazonaws.com
api.viglink.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    13.225.78.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-36.fra2.r.cloudfront.net
launchpad.privacymanager.io
1    2.19.44.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    13.225.78.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-86.fra2.r.cloudfront.net
geo.privacymanager.io
3    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
2    13.224.189.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-97.fra2.r.cloudfront.net
link.monetizer101.com
2    13.225.78.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-107.fra2.r.cloudfront.net
tagan.adlightning.com
1    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:21f3:2a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::31d2 (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
13    2600:9000:20eb:8a00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
4    2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
aloofvest.com
2    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2600:9000:20eb:4000:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
video.primis.tech
1    52.29.218.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-218-170.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    35.157.0.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-0-151.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
scarfsmash.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)
images.getadmiral.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.213.21.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-21-133.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    3.67.159.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-159-22.eu-central-1.compute.amazonaws.com
i.w55c.net
1    3.65.84.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-84-173.eu-central-1.compute.amazonaws.com
pm.w55c.net
Apex Domain
Subdomains		 Transfer
28 notepad-setup.top
notepad-setup.top
634 KB
23 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2488
video.primis.tech — Cisco Umbrella Rank: 6030
3 MB
12 makeuseofimages.com
static1.makeuseofimages.com — Cisco Umbrella Rank: 48206
static0.makeuseofimages.com — Cisco Umbrella Rank: 360693
85 KB
10 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 900
eus.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 548
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
13 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 291
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
102 KB
5 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 8869
api.viglink.com — Cisco Umbrella Rank: 12507
30 KB
4 aloofvest.com
aloofvest.com — Cisco Umbrella Rank: 22568
2 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 948
id5-sync.com — Cisco Umbrella Rank: 389
19 KB
4 ad.gt
seg.ad.gt — Cisco Umbrella Rank: 9151
id.hadron.ad.gt — Cisco Umbrella Rank: 4308
a.ad.gt — Cisco Umbrella Rank: 3393
4 KB
3 gstatic.com
fonts.gstatic.com
82 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1314
1 KB
3 privacymanager.io
launchpad.privacymanager.io — Cisco Umbrella Rank: 5742
geo.privacymanager.io — Cisco Umbrella Rank: 1665
9 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
136 KB
2 w55c.net
i.w55c.net — Cisco Umbrella Rank: 1584
pm.w55c.net — Cisco Umbrella Rank: 693
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
655 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 499
eb2.3lift.com — Cisco Umbrella Rank: 329
663 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
2 KB
2 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1725
72 KB
2 monetizer101.com
link.monetizer101.com — Cisco Umbrella Rank: 134070
23 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2456
300 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
126 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 777
4 KB
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1502
349 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1283
283 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 577
2 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1439
318 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 763
361 B
1 getadmiral.com
images.getadmiral.com — Cisco Umbrella Rank: 40097
1 KB
1 scarfsmash.com
scarfsmash.com — Cisco Umbrella Rank: 72211
80 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
832 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 472
573 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 616
464 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2971
11 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1177
17 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
27 KB
135 35
Domain Requested by
28 notepad-setup.top 1 redirects notepad-setup.top
13 live.primis.tech notepad-setup.top
live.primis.tech
10 video.primis.tech live.primis.tech
8 static0.makeuseofimages.com notepad-setup.top
5 c.amazon-adsystem.com notepad-setup.top
c.amazon-adsystem.com
live.primis.tech
4 pixel.rubiconproject.com 1 redirects
4 aloofvest.com notepad-setup.top
4 api.viglink.com cdn.viglink.com
4 static1.makeuseofimages.com notepad-setup.top
3 s.amazon-adsystem.com 2 redirects
3 token.rubiconproject.com eus.rubiconproject.com
3 fonts.gstatic.com fonts.googleapis.com
3 id5-sync.com cdn.id5-sync.com
live.primis.tech
2 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
2 match.adsrvr.org live.primis.tech
2 fonts.googleapis.com notepad-setup.top
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
live.primis.tech
2 tagan.adlightning.com notepad-setup.top
2 link.monetizer101.com notepad-setup.top
link.monetizer101.com
2 id.hadron.ad.gt cdn.hadronid.net
2 geo.privacymanager.io launchpad.privacymanager.io
2 region1.google-analytics.com www.googletagmanager.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 www.googletagmanager.com notepad-setup.top
www.googletagmanager.com
2 unpkg.com 1 redirects notepad-setup.top
1 pm.w55c.net 1 redirects
1 i.w55c.net 1 redirects
1 dmp.brand-display.com 1 redirects
1 cm.adgrx.com
1 js-sec.indexww.com live.primis.tech
1 eb2.3lift.com live.primis.tech
1 id.crwdcntrl.net live.primis.tech
1 api.rlcdn.com live.primis.tech
1 images.getadmiral.com
1 scarfsmash.com notepad-setup.top
1 ib.adnxs.com live.primis.tech
1 tlx.3lift.com live.primis.tech
1 htlb.casalemedia.com live.primis.tech
1 prebid-server.rubiconproject.com live.primis.tech
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 static.adsafeprotected.com notepad-setup.top
1 a.ad.gt notepad-setup.top
1 googleads.g.doubleclick.net notepad-setup.top
1 cdn.id5-sync.com notepad-setup.top
1 cdn.hadronid.net notepad-setup.top
1 secure.cdn.fastclick.net notepad-setup.top
1 launchpad.privacymanager.io notepad-setup.top
1 seg.ad.gt notepad-setup.top
1 cdn.viglink.com notepad-setup.top
1 www.googletagservices.com notepad-setup.top
135 50

This site contains links to these domains. Also see Links.

Domain
www.makeuseof.com
getadmiral.com
Subject Issuer Validity Valid
*.notepad-setup.top
GTS CA 1P5		 2023-01-25 -
2023-04-25		 3 months crt.sh
static1.makeuseofimages.com
R3		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
viglink.com
Amazon		 2022-10-13 -
2023-11-11		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2022-12-14 -
2023-03-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
static0.makeuseofimages.com
R3		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.monetizer101.com
Amazon		 2022-10-24 -
2023-11-22		 a year crt.sh
*.adlightning.com
Amazon		 2022-06-09 -
2023-07-07		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2022-10-24 -
2023-11-22		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
aloofvest.com
R3		 2022-11-15 -
2023-02-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
scarfsmash.com
R3		 2023-01-22 -
2023-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
getadmiral.com
Cloudflare Inc ECC CA-3		 2022-04-12 -
2023-04-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 7 frames:

Primary Page: https://notepad-setup.top/
Frame ID: DF1506D4EEA68E65996CD2A3BE70C471
Requests: 96 HTTP requests in this frame

Frame: https://notepad-setup.top/?_=%2Fstatic%2Fcookie-sync.html%23D0ZmU6%2BV0dz%2B%2FB91B6Ga1OONyH%2F3dRGyhE8S
Frame ID: 6DEBF16B95EF2584C8F394467E7DE54B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
Frame ID: FAA2892DBDE3AE6A1D50D1C3DD9B4D15
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 2DAE96E6E99B606CC54506E3F0959346
Requests: 22 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 2DAB19F1F456D8F7DAEC48C41DC43B08
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0633A30FA431004430BE3ACAD3717F84
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 9F315A1A859D6B7E702B19C15285D458
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Onyx Boox Note Air 2 Review: The Best 10.3-inch eReader and Digital Notepad of 2022user-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

  1. http://notepad-setup.top/ HTTP 301
    https://notepad-setup.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

135
Requests

96 %
HTTPS

40 %
IPv6

35
Domains

50
Subdomains

45
IPs

6
Countries

4105 kB
Transfer

8423 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://notepad-setup.top/ HTTP 301
    https://notepad-setup.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.attribution.iife.js
Request Chain 116
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GuzV4NXTRAetGyuEwgYh9g&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GuzV4NXTRAetGyuEwgYh9g&gdpr=0
Request Chain 118
  • https://dmp.brand-display.com/cm/api/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=be8ebc3e-edf0-3525-492f23c7
Request Chain 120
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=6lhefvEa1PlGW25&expires=30&gdpr=0&us_privacy=1---

135 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
notepad-setup.top/
Redirect Chain
  • http://notepad-setup.top/
  • https://notepad-setup.top/
927 KB
151 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0cfe0e4dd888db715508c496430992827c21e9faccf5de2bc4bfcc6a0bc545e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
79087cc2cf7e9be0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Jan 2023 08:51:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYXGbXPBnE5%2FjAoNlq67UNWld1jClbGSKXq0qyGsscTKXQjv0C1Np9Jh79bzKoeHd8E63IXsf%2FlL1PAh4hue18UlZYFtni1rnu5fn9stOgjou2VHY623LMdPjYuB4jBnhfTmLQPjf0K9GCAJ07BnSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
79087cc28abc696a-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 28 Jan 2023 08:51:38 GMT
Expires
Sat, 28 Jan 2023 09:51:38 GMT
Location
https://notepad-setup.top/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FyBsD%2FQhV%2FSacAa1XK3dmIud5YCpsa78HK%2FyVMFYSafD9j9NweDklQY6qu%2BUemwD7JlQ%2BTFCMEICLCYQEFlcVP9fpYcbU2S%2B2Allr69MxL6EqF%2BVwkUCjXF8bsy63KBPPEt0Ge%2FClifcm2xHzc%2Bwg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notepad-setup.top/?q=50&fit=contain&w=1140&h=&dpr=1.5&_=%2Fwordpress%2Fwp-content%2Fuploads%2F2022%2F09%2Fboox-air-2-awarded-editors-choice.jpg%23D0ZmU6%2BV0dzg6hdlQK%2FKiOiJxnbwYwLzgUkSznzT1YgEXX8%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2601712adcbc521edc93cb124cd334eb6426b56e1604b110ce01e0aa52f612b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTAM7LQr02TNOsDxCE6PlwZBA5AnkdsnQoGk6WG8mIKnQyFypQS7cws46FPvjAnfy8EI1OIS38B0BQgkfK2wnMgH%2BbZo7jb8IwSKz9yvwxx9KePjhiI6Hbo1ehpTxcBCw2%2Fn8vpMqYgW2zZFQshJBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
cf-ray
79087cc74f049be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38337
/
notepad-setup.top/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Ffonts%2Froboto%2Froboto-regular.woff2%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer
https://notepad-setup.top/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ad6HwDbJa8OvozeEHu4qSM0%2ByR52g8yaIpn%2FJH%2BqifCdA3c3CQWnl2pHO7yEts5%2FV%2B3T3E1Ll3%2FutOCgEXP%2FzGHq%2BBuJineFVZdEYp%2F5CE8ZL3K3VbFMOaZtScYFPOBHXv683qZam%2Fyl4nfBAyYnhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cf-ray
79087cc74f0c9be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15736
/
notepad-setup.top/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Ffonts%2Froboto%2Froboto-italic.woff2%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e

Request headers

Referer
https://notepad-setup.top/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf4sGHp%2FkqK6PbK9lKmgw8IxtjyTG2gx369L%2BfeQFAkDG8A1Tz9pik4UJxqcTsfL0edKEO8vAow8dSNunuIcqYGWzdhX1y9iBR2ENVjFFi8Eb7nMJq54ETm9ZP82VsK7w1tpb0Jn4ZHA9XFYUXsUCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cf-ray
79087cc74f0e9be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17324
/
notepad-setup.top/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Ffonts%2Froboto%2Froboto-700.woff2%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Request headers

Referer
https://notepad-setup.top/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzhDQWQkSJd6X8xrv6XrhG42XGnB2z0B6mKrIXLKFen%2FSfQcIW9ohcK3zZLFtXCW4j4qQ5OQKK6tCgWQDBbYywweMKRiU7enlg6fc3peX2zZCs5DpzBUGHSAPiGcA5h3Fsy%2FcEq9AHoaXNPBrTueIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cf-ray
79087cc74f119be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15816
/
notepad-setup.top/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Ffonts%2Ficons%2Ficomoon.woff2%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e030dc9c696efb237ce86789956f52d51730e5deb5c20285bca9612dbdc8bc8b

Request headers

Referer
https://notepad-setup.top/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l36yjAutqgTZsYoPh%2Bm11p6C4OF%2FcXgAOPg1LRmKznC9d%2FnJs9VXrUskLrCYJKT2fqypXciWjqWeD9PmK8BnMxNikvx2PA0LKaidazPauBIBe5Afht7TqW31E3riFeVL194GMMlu64ihSYJh%2Bi%2FwdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cf-ray
79087cc74f139be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12916
/
notepad-setup.top/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Ffonts%2Ficons%2Ficomoon.woff%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abed00e3dd02509ec2ca038999352ed2603153c804846559d4e1eb78995ecf8f

Request headers

Referer
https://notepad-setup.top/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYN9bh5SmkanH%2BolcErHCJLm3Jf64tRfcZ3EYXmvcL3ReWHTlW%2Ba%2Bs%2BILL8262drQHTJrjeLNDTeL3iH%2FQWqgiVGa7KCKcQplYSBXt0P5L8JJubFd3fJaY%2FLqPAFzC2%2BJRghQ9ZywWfT1oEpJRuw5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cf-ray
79087cc74f169be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24900
/
notepad-setup.top/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?id=G-BQB02LSDHV&_=%2Fgtag%2Fjs%23D0ZmU6%2BV0dzk6QE%2FTqOUwemN2XLifQbyhkca3TXVycs%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0804ed670f8eb8956cf167da830b8413d728f8d0d8131a5c8c7f631f4b6d869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJRWWUXx1a4CakpmwmlHUxiWQQCniW%2FtYkBL4LeR7aBnOYKhFtmiIEPxkhv5M4sX9I5jD4SPR0Ml2JfXEC8R3i7mOOAqgKzCGUOqZS%2F90%2B5InLMZJMmEBuxyKeIW2YhPc3YBNWHytNB3UH2MEPCswQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cf-ray
79087ccaeb82bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		311 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Farticle-product-review.148d6bd6.css%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d8e023420d4971557afdfbd1bde90b26d7488907c3d8993564e320ba2b2b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBzs%2FxEo34vWzyuEof3vTN3R3dmcqqS30ItcYmiRj6jUzrA01P5f9eowTeggxOOQZdzbh5EmAZsKSn04dNQF%2F%2Fde%2F3BVFz0m6Qp2Aa0t%2BaSON4lHvpeoUrGsJxCume%2BlX%2BrX%2B2GsgWwMgp7oCXCy0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cf-ray
79087cc74f089be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Fvalnet-header.38f02c41.js%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51489103b165d141f38eb02e87cb836e3c0e1719fcb39625ab1aa8016099c0c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEXi%2FLazjb%2FnrnEJ0L08eD6Tq0yFFCiSVH0lkY6IiqyuOSu4Ib3uzl5TvQ8oPNTVPbyoBrgymEiNTnhdR0A3cMNo9SKTNzUItPQtek%2BELKPwm5MocYHOV38A8eGgBrGaCWVlyouyVMtDNiUqxfHQ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
79087ccaeb83bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		39 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a786828acd09faff9e508f375899ea497a1c22a3dde8c2c79f27a15f38a1a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck1u%2B%2F0M45YI%2BHbeMuzoxu6N7TFtlhljUZXC9d25eBOcV5SsyJgZiQTwXna%2B0%2FbAI6%2BjdgQn%2FqeZ7ye9AjE0Jf4IaHGxNYJrjNlsxvIABWruWDBQ6MnY4MIEj2GsgxyqHYDsed9FOjaJ1ns%2BZ8%2FmBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
79087ccaeb84bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		147 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpagead%2Fjs%2Fadsbygoogle.js%23D0ZmU6%2BV0dzj%2FxF0SKjJiOKHwnTpdRTliUQWzHrCz8kJHHFMsQ%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937f3d59a81e2a4ea2a2f70ad605e62465d54c8ecb39ae7decdeb2cb4f5973ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hYvbRwqbkx7QlMHKPWAXEsBk6ZMhQRTnF8%2BHfY1P1fNa42M9CNzyKquQYYUZYWPh6sFO4WjDaTHwoe6RcOc71N0uQg3zxp99f95d090AF1jNvD34Xscs09NzcJyuM%2FxCtKRVXHMiaC3%2BRo8cgXqUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cf-ray
79087ccaeb85bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Flatest%2Flaunchpad.bundle.js%23D0ZmU6%2BV0dz%2F%2FwN%2FSqSLx%2BHG3WHsZgb%2Fnk0ewXrRw9RJW30%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3%2FYXcHt4UF3luhcu4Pd%2BPfxiZUcqO%2F8EsR0DESmk1A0zi9m1ieWe7MIiFm%2F27Kt7dE6IbDllHhVJDMPnoOk1FEsGSXwF0fKo2nNzItPWxVWnrb%2FZXK%2BY3b7p2g6F3Y3RfcfRNDwgwqSfKwFKxEmVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cf-ray
79087cc74f199be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fb1c80b5e-e909-4d5d-ba94-1d63bb1c4212%2Flaunchpad-liveramp.js%23D0ZmU6%2BV0dz%2F%2FwN%2FSqSLx%2BHF2mHkYBf5lQ4P3XLAx8UeX3NNvcibgb33GQ%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd2f32ff8f7faa45f37f017373f5aed9e8fa2592777558dceb6279d2c6b6c1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTDjFonafACkzri5J1WB1wudjA05PM%2FLeAPN%2Ff4i4qHJAMwoBKzcKotcBBO6AXE%2BIuMSI6jTSmlioLehOvkXazFIQynJy14glmTKqcRUxcBlnsFPVyCTDJ6Jddx4X%2BasIlDz4K%2FsvbV08Ln%2F%2BPX6Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cf-ray
79087ccaeb86bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Fimages%2Fmuo-logo-full-colored-light.svg%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd23de031552a01a4a69b8c051f986b5368d714185cf8b02f352dd8e3f2561df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFQ7%2F6yucNi%2BjG92q0N9FxnSQIWlNS%2BCesFB6Jejth3Jnd2zCaJMzapGpmzhlUGCvVKiD7xQ6Jxzl%2BG%2FFNWHfh1tyU0tLywvx18YpU1lgfTWpb%2FiY40B42l1Xx8Jbx%2F9z48boSl2rnjX1wZoPkg2CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
79087ccaeb87bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
boox-air-2-awarded-editors-choice.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/boox-air-2-awarded-editors-choice.jpg?q=50&fit=contain&w=1140&h=&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
b2601712adcbc521edc93cb124cd334eb6426b56e1604b110ce01e0aa52f612b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1082
cdn-cachedat
01/27/2023 21:33:15
cdn-pullzone
1165051
content-disposition
inline; filename="boox-air-2-awarded-editors-choice.avif"
content-length
38337
x-request-id
yjJIvKR5j1hUfklvLCYiX
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"xoRvuS4ZnHisEg6BUerMT0PfO_5il3YVAh1-hGgkyj4/RIndwSTNlUnBmX29IcjVCR2ROWlJhNmci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
476f3f2bbf90f26f7dd70130d20926ed
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
email-decode.min.js
notepad-setup.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Jan 2023 11:05:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63ce6a10-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIPWGjul5TiQLXksRDl%2B%2FxluFj4%2BZYSaxH6pvRE2RAasvWZNWj7qS6MySILq%2BQQne5YKklPREyY7ogzrh1RM8y4Bjz%2BZuadNvoLcDkOC5PIDeZyHTJUsijMtiFBreJnsMB7YVyrc6B6i2XG0rEM%2BnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
79087ccaeb7fbba4-FRA
expires
Mon, 30 Jan 2023 08:51:39 GMT
/
notepad-setup.top/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fwidget%2Fcode%2F1424.js%23D0ZmU6%2BV0dz%2F9xh6B6GUyOCcxGngYlas1g4cwHY%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c412b210de9247ec883755029c564b93f3a22f8f91f522063162cfa428aa87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rg2khMiAzPXWYJDE7v4xYnGipn%2BusywyI11%2Bm358uUaK27NW%2F4hfaH5KKhuec4vAeCRUQ%2BbD8Kb0wmJX5aQttA0P8Ks36iNwsHfGy9gWY8qHUXmSSAhgCRdULMh0joCvttbg7OnUGcLr36XrrflsPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
79087ccaeb88bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Fvalnet-footer.f1af4736.js%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4195236eb117ef669a3eff5c6f7c19ee06e483e2f15531469f62fc1a2852e9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc1UyIQXV%2B7qC4VcR6KaM7pKBG04HrVkuIwhZ2%2BW52kXwJHrbHrvgde20uGqny3DzEnt1hHNnEser%2BfNiXDueeqkxesO1CCI9Rc%2B5RPBD9A%2F20bdylkfE%2BKafTEFzkL3d33sIH%2FFEl%2BEFqHkP36Uwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
79087ccaeb89bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Fvalnet-footer-article.2076c304.js%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cf2479602a9aea6922ac8ac7413235d1696c522589065378698e96f0e8995d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdVG%2FE5oTOvS4QIIT2iAlh3AvhXMnbzfIVznzJ82xvJVA9p9VL6w9QacXAHYZ1hesIXTVknzzVC%2B3JFUZk9Os8FZXgAosUjFIRu%2FTY1yoLCbw5UpgivJ02Sl39W5pbTDiNskcnQnYqem2%2FeqKDWAGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
79087ccaeb8bbba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Fvalnet-footer-buyersGuide.a5b24388.js%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1178dde60f1bb0f50d423b806951b819e06f2489de18ea16260edf3819d77217

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojS%2BzrKsxWog66IpdqufJIB3zGKAJ7shipaWnpcjjpZtMK4bjvWr8bRwPd0T3HaYNOA3l0Yp9wUnp%2BsBs3TZOCJ8iLZ7gNFdYOJQWlYkjJEnseiVRhq9NHUvz4MM3LxDgWcEGjP%2FwAsUoX9Wfrnz0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
79087ccaeb8ebba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?v=1674509870&_=%2Fadsninja_client.js%23D0ZmU6%2BV0dzy%2BgV%2FQKKRx6uLzA%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f9845067a408e5eeb5f3ced5c3ba8eb8a4568d451d69a2166fb697a44ff58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB09bWXtTuUvtdSZfaNkPBi90c03EyJHTwnVZSDJ2qWw%2BBDLhErnrU6fBsN1gl9Qgxj5CHmPgjIXmxvYYHj1gljKnWSeQZyG3NkzowC7uABA%2BS79mEfGf7qgYUV69urjDOZI2ivNlJas9Izsq4sN9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
79087ccaeb8fbba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
web-vitals.attribution.iife.js
unpkg.com/web-vitals@3.1.1/dist/
Redirect Chain
  • https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js
  • https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.attribution.iife.js
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.attribution.iife.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c117ba569159a2a2daeb0c8fb94eed5d76e4780337bc87169f2d095175463b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1507763
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GPEV964EX2NJCH5TSCW037MA-fra
server
cloudflare
etag
W/"2761-hSsgfzU89eN56ycstyO5aJpFKKw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
79087ccb49eabb7d-FRA

Redirect headers

date
Sat, 28 Jan 2023 08:51:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GQVRYMGFSYDRKX8D90Q3MTDC-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
256
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.1.1/dist/web-vitals.attribution.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
79087ccb099abb7d-FRA
gtm.js
www.googletagmanager.com/ 		128 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBXVR8R
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d8796f34f3382f78df61bcc4b9742654ffee16780caf4c2ae04e0344ab07e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49015
x-xss-protection
0
last-modified
Sat, 28 Jan 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Jan 2023 08:51:39 GMT
/
notepad-setup.top/ 		577 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fv2gkdtcolbyyvETUl8BRxrOr2e50_I7MAvHoA1avRR_S9Erkyjiz8Kn0%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
836a32d58eb59ce390cfcb05a830664f254cfaec8452408a6fe468ce154c2f1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxzTK534BYsU0J8lYEruPUQoVeBXW598ucYI1cGOfXtH7XrYlB0ZdloWdlAPDV50B74CVsC2S6mDIG1dxBJwWgz1xCH4wyKXNXaPTMDoMWPdffusKo1C51XE10sYmIX%2B4dbiwIAe35khXsr4Ggvvfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cf-ray
79087ccaeb90bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
notepad-setup.top/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fv2iqpkB3dQ3ulvMaF68ut78WYFBZnHICbwJ4bXoCGwW7phyyw6rFWwD_O1iGdjOcIv5EMEbi1%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a449cbc62e283f23b095028dd6d47b66ebe35e8e68ed0ed4a20a89b517dfc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRiNiU%2Be9knzyKweMcisMNLuHj6DPr1KfzrGNQjBSV6ConoFQQRp3%2Fvv6XqDPjv1YZ8RvShrLCJUuEZx%2F4KPAIxLOddY%2F0FjDDK%2FQ3eX8ddjxmmtujhM7YwjgMU9IKAUlp9SP3WtjkFHpE4AgrYuFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cf-ray
79087ccaeb92bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f9fc03eee3d731cd12ddaffd694c2853bb19e5e4d31a57849908799410a2fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27594
x-xss-protection
0
server
sffe
etag
"1465 / 560 of 1000 / last-modified: 1674860937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Jan 2023 08:51:39 GMT
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-42.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 10:37:32 GMT
content-encoding
gzip
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
512047
etag
"072eaf64a771815874455704fca9301b"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28567
x-amz-cf-id
D24nbFPsekWAbGWJKJYZ-jLBwJS7AVZs1CFnlqwONcsV_pMJeyvdAQ==
apstag.js
c.amazon-adsystem.com/aax2/ 		191 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0d19353c945d66184d063ccb4c33fa2e2014c35b8a7a8a56416e34531f90e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:38:48 GMT
content-encoding
gzip
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
last-modified
Wed, 25 Jan 2023 21:28:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
772
x-amz-server-side-encryption
AES256
etag
W/"676ff20d9a1610954eca1e1b18855dbf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
nXUWRyDwYi4thRdi6tmvgzKnSU3NgaSON_dwfAss9Ve1gv1sdtpAJw==
segments.js
seg.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fnotepad-setup.top%2F
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.28.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-28-104.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
server
nginx/1.20.0
/
notepad-setup.top/ Frame 6DEB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/?_=%2Fstatic%2Fcookie-sync.html%23D0ZmU6%2BV0dz%2B%2FB91B6Ga1OONyH%2F3dRGyhE8S
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e8fce31f4f11b5d05b1bb1c66a5478b13107c304f7ca35746a336a248b9e994

Request headers

Referer
https://notepad-setup.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79087ccb9c90bba4-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 28 Jan 2023 08:51:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bEsEQndzaoG4gUTNRxIR%2F1FL97Qyamt5FyVXYz5Cp0kTfZk7RTgJDnahprJrk5jLywwV6V5k%2B2A7%2FlmGKxRKyn031Wn7sdrbehhkI1365NvECtjzFdxBoQZY1AZ5Znzn4fg8euuKS7JXpLBTVnp%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pubads_impl_2023012301.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133281
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 09:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Jan 2024 14:44:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		39 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=notepad-setup.top
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e0ad36cadba072b731b4438d9c013ad3659d94390485f314b4a9a98d8a9037b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Sat, 28 Jan 2023 08:51:39 GMT
/
notepad-setup.top/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Fimages%2Fmuo-logo-full-white.4cb68477.svg%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Farticle-product-review.148d6bd6.css%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19c16200fd418a277a18eb823f8289458bfaebb8a8b16340c6bd7cca8cb94b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Farticle-product-review.148d6bd6.css%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RejUDl2i7wSqHtkpVTVAmjyi%2FsfemaHQ%2FtpXiJBIZoLKUWyF61MGTDA1Bsmsr4%2BXGJaUlwTEJTRP0IPJV6NTYBRa5oL28YWmoTlJxT62ceXWx6F7SHMm26XLAhJRB%2FV%2F%2Fr9nYoRyecQm3Q3qHzynew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
79087ccbacbfbba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BQB02LSDHV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBXVR8R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2717c6be895dfdfb028cfe3bc3695b1b6e7fcd1144cc12a1ec5108ec67ed5493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79553
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 28 Jan 2023 08:51:39 GMT
ping
api.viglink.com/api/ 		272 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.179.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-179-146.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b0ee2f6699cdb043d49460eb8e0b055b00f7326671957f30e01e53d20d74cdda

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://notepad-setup.top
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
272
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BQB02LSDHV&gtm=2oe1p0&_p=1045518655&cid=81787994.1674895900&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674895899&sct=1&seg=0&dl=https%3A%2F%2Fnotepad-setup.top%2F&dt=Onyx%20Boox%20Note%20Air%202%20Review%3A%20The%20Best%2010.3-inch%20eReader%20and%20Digital%20Notepad%20of%202022&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.post_id=2010352&ep.article_template=product-review&ep.browser_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&ep.author=kyamada&ep.jr_editor=&ep.sr_editor=jbruce&ep.primary_category=Product%20Reviews&ep.tags=%7CProduct%20Reviews%7CeReader%7CAndroid%20Tablet%7CTranscription%7CE-Ink%7C&ep.payment_category=product_review&ep.content_type=Product%20Review&ep.intent=Affiliate&ep.network_category=hardware&ep.is_amp_traffic=false&ep.template=content-all&ep.is_ad_block=false&ep.classification=Standard&ep.is_subscribed_premium=false&ep.subscription_plan=free&ep.ip_address=23.227.193.100&ep.date_published=20220921&ep.date_republished=20220921
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BQB02LSDHV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notepad-setup.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fnotepad-setup.top
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c8e6aabcb4f149060381cfcda01a4a6799da2167d83545605678b5e83e9c7ed5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:38 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://notepad-setup.top
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1297
x-amz-cf-id
aBbvA8MN6Gh8RDVcx_B2Af03fzaK73BSXavjFBfWJJI89kRQr5W24w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
date
Fri, 27 Jan 2023 12:26:44 GMT
x-amz-cf-pop
FRA2-C1
age
73496
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ZoV7qyFPbpWtY1qKEIt86f92LWEogyNoPMHpyei1_LmL7ecTwu3Q5Q==
launchpad.bundle.js
launchpad.privacymanager.io/1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fb1c80b5e-e909-4d5d-ba94-1d63bb1c4212%2Flaunchpad-liveramp.js%23D0ZmU6%2BV0dz%2F%2FwN%2FSqSLx%2BHF2mHkYBf5lQ4P3XLAx8UeX3NNvcibgb33GQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-36.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
gzip
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
date
Sat, 28 Jan 2023 08:10:19 GMT
x-amz-cf-pop
FRA2-C2
age
2481
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
tKcw0lRMCXvwjWlCBZO2A6tIArBsX9zk1UO2G1vUmLlr5u97vlOPNQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.44.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-44-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Sat, 28 Jan 2023 09:06:39 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnotepad-setup.top%2F&ref=&_it=amazon&partner_id=269
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FNK044PCM9Y7VVCR
age
5971
x-amz-id-2
AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ha%2B7uaF2LK5YzvyPlyjv8qkH8EZ%2FXchhzzxM%2BgrVy6pElUyHc8toWIgfmxAuL7IJW5V1zTU%2Fg19g1kYbyUoYyC8nydve8Ib7rigucusc7LDHByNcWYuuZo0Ecrj%2FRf8BbD%2BmPYuo68K47%2Ff85I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
79087ccd6beabbc5-FRA
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:57 GMT
server
cloudflare
x-amz-request-id
6D5QG0NPJZD5QPXK
age
2767
etag
W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79087ccd695cbbfd-FRA
x-amz-id-2
eRu/pWDcfy00YajLpD+uzFcj/gy0Nqx1S0UB+hXX6Rv1XbLFi1H6AN1en/mav0LBa8Yfa7TpARM=
onyx-boox-note-air-2-review-ereader-digital-notepad-profile-01.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/07/onyx-boox-note-air-2-review-ereader-digital-notepad-profile-01.jpg?q=50&fit=contain&w=755&h=430&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
6760fb41058d20ef62812d440f58075bd3f98b480dca10bea47d2a3e2ca2298d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
752
cdn-cachedat
01/27/2023 21:33:17
cdn-pullzone
1165051
content-disposition
inline; filename="onyx-boox-note-air-2-review-ereader-digital-notepad-profile-01.avif"
content-length
14060
x-request-id
ildGcC-W5yCMJlK1elDs9
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"Is0nqUA746pwj1-08Ou9Kgbm3UmTE7M_io8wvy0XSrg/RIkFsblRpRE1fUV8wNC03UzBKOHA1a3ci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
8e2e3811d8da7c2edd8f51f5e301915c
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
/
Resource Hash
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

Accept
application/json
Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 28 Jan 2023 02:23:09 GMT
via
1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA2-C2
age
23310
x-amzn-requestid
54d8c95a-d589-453a-ade4-351ebc95f937
x-amzn-trace-id
Root=1-63d4870d-2b72e5b405bc7f2d12001204;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
fboKHHxujoEFatA=
content-length
30
x-amz-cf-id
oGJNTYPF-TCPNIHCSm-9jIGrkCi2RKsCCTJ862OIJ7I35On4v5wv0Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://notepad-setup.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 28 Jan 2023 08:51:39 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-apigw-id
fchEYGVDjoEFgig=
x-amz-cf-id
jj9XvkEkThPth0VI-GZtMubLfMDgJGTROKV8Rdrb2YIKAOMoeWQyQg==
x-amz-cf-pop
FRA2-C1 FRA2-C2
x-amzn-requestid
0801f180-b2e6-4ba0-a5bb-fb123e1cfb2c
x-cache
Miss from cloudfront
domains
api.viglink.com/api/ 		41 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.179.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-179-146.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
19ad827247983bb7b67d1f37f75c8ac8a4e178aafd12964989821659233cd44d

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:39 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://notepad-setup.top
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
api.viglink.com/api/ 		42 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.179.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-179-146.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
534d9563e956bf6cac3198e4a65599db43c6117f2cf5efd7afd86b49a3e7327c

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:39 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://notepad-setup.top
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		47 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=269&sync=0&domain=notepad-setup.top&url=https://notepad-setup.top/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnotepad-setup.top%2F&ref=&_it=amazon&partner_id=269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deb4e273ead128f62747cd97126e0ea6e28d0441ac66bb70de2071b6e2ca79d

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
https://notepad-setup.top
cache-control
public,max-age=30
access-control-allow-credentials
true
cf-ray
79087ccf5c39bb47-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=269&sync=0&domain=notepad-setup.top&url=https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://notepad-setup.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://notepad-setup.top
cache-control
public,max-age=30
cf-cache-status
DYNAMIC
cf-ray
79087cce2a9dbb47-FRA
content-encoding
gzip
content-type
application/json
date
Sat, 28 Jan 2023 08:51:40 GMT
server
cloudflare
vary
Origin
app.bundle.js
link.monetizer101.com/widget/price-comparison/ 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://link.monetizer101.com/widget/price-comparison/app.bundle.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fwidget%2Fcode%2F1424.js%23D0ZmU6%2BV0dz%2F9xh6B6GUyOCcxGngYlas1g4cwHY%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34a425ff1bbcb73425656feb21dfe02e1b5c689c49a342831bba998821843971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
0ELKlFjXfl1hac0nSN.1uv40VaG53B86
Content-Encoding
gzip
Via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
Date
Sat, 28 Jan 2023 08:49:36 GMT
Last-Modified
Mon, 22 Aug 2022 08:00:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
196
ETag
W/"37e8730974560569ca662e041fb1e26e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
LUscIYu4MXPnaMF5OJ52zOW-a96TjITll-cEiTMX22GMf47pewIoyA==
onyx-boox-note-air-2-review-ereader-digital-notepad-profile-01.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/07/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/07/onyx-boox-note-air-2-review-ereader-digital-notepad-profile-01.jpg?q=50&fit=contain&w=128&h=128&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
10f69827dd500f24773a0f2e6683f59566a234ad4077ef07ee1065dccb727f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
874
cdn-cachedat
01/27/2023 21:33:18
cdn-pullzone
1165051
content-disposition
inline; filename="onyx-boox-note-air-2-review-ereader-digital-notepad-profile-01.avif"
content-length
1521
x-request-id
rMnU_pNJlBMjPciGbNoM9
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"p98JqQwHnAwBCuuwgeWQc6D94TAuOF-483-bSUrriIQ/RIkFsblRpRE1fUV8wNC03UzBKOHA1a3ci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
78a93a02e415a971871db3b518a6a5b8
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
onyx-boox-note-air-2-no-security-updates-patches.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/onyx-boox-note-air-2-no-security-updates-patches.jpg?q=50&fit=contain&w=128&h=128&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
9814a7c31f0e40a70f998de28fc8879322c52295ae9107a1c95f7d091bdf69a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1053
cdn-cachedat
01/27/2023 21:33:18
cdn-pullzone
1165051
content-disposition
inline; filename="onyx-boox-note-air-2-no-security-updates-patches.avif"
content-length
2409
x-request-id
oNnqWyyJBnXYDrkpAXIY-
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"p98JqQwHnAwBCuuwgeWQc6D94TAuOF-483-bSUrriIQ/RIkZwOF9XeVVQRFFIUkw1bHE1bjRya0Ei"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
e53ab73b82bdbea8408a5966a430f55a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
library-option-note-air-2.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/library-option-note-air-2.jpg?q=50&fit=contain&w=128&h=128&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
ef525178ece08d5e66a0642211affe2abf01aebdf0289163fbc0bcd34e06456c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1053
cdn-cachedat
01/27/2023 21:33:18
cdn-pullzone
1165051
content-disposition
inline; filename="library-option-note-air-2.avif"
content-length
1874
x-request-id
Vj3BxQ8uIhSgCRqDtbvSn
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"p98JqQwHnAwBCuuwgeWQc6D94TAuOF-483-bSUrriIQ/RIklQcGFLWno2V0ZlZDJFeTg3aVpUbkEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
afc8ade17c81a6635d3bb0dfbbe047b1
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
onyx-boox-note-air-2-review-ereader-tablet-hardware.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/08/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/08/onyx-boox-note-air-2-review-ereader-tablet-hardware.jpg?q=50&fit=contain&w=128&h=128&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
7d286733d64d71f49bc54e2ecdd464dbcc86dc964399698c9f6b3fffb96e88c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
860
cdn-cachedat
01/27/2023 21:33:18
cdn-pullzone
1165051
content-disposition
inline; filename="onyx-boox-note-air-2-review-ereader-tablet-hardware.avif"
content-length
1478
x-request-id
a10b2K9i5DLcAUeGxvSrK
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"p98JqQwHnAwBCuuwgeWQc6D94TAuOF-483-bSUrriIQ/RImZjZjRPQkxyblBPNlpaQTd2NUdjUEEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
0a77505a4b7efb0d6e8765e7511f0e1d
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
onyx-boox-note-air-2-review-ereader-digital-notepad-notes-in-ebook-annotation.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/08/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/08/onyx-boox-note-air-2-review-ereader-digital-notepad-notes-in-ebook-annotation.jpg?q=50&fit=contain&w=128&h=128&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
1f62e8142b4a7838676d2f63022ad58869a78ae367f56489d6a578888a642427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1053
cdn-cachedat
01/27/2023 21:33:18
cdn-pullzone
1165051
content-disposition
inline; filename="onyx-boox-note-air-2-review-ereader-digital-notepad-notes-in-ebook-annotation.avif"
content-length
1297
x-request-id
oJrE-bEceCRm6NEIQeVMv
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"p98JqQwHnAwBCuuwgeWQc6D94TAuOF-483-bSUrriIQ/RIl9JUlFaZnhxVUp0RVRORHJOV2VldXci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
1747fc47970784265f1dd81b5523cca8
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
onyx-boox-note-air-2-review-ereader-digital-notepad-battery-life-01.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/onyx-boox-note-air-2-review-ereader-digital-notepad-battery-life-01.jpg?q=50&fit=contain&w=128&h=128&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
33b9dfc88f0dfeac66513d142cdbfbe3fc94aca73a5793754a689c4ffc751bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1082
cdn-cachedat
01/27/2023 21:33:18
cdn-pullzone
1165051
content-disposition
inline; filename="onyx-boox-note-air-2-review-ereader-digital-notepad-battery-life-01.avif"
content-length
1435
x-request-id
QsYn7PkdVEyEO4QGMysqU
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"p98JqQwHnAwBCuuwgeWQc6D94TAuOF-483-bSUrriIQ/RIms0aDVPSVZRTUZoM0NVaVNscDJaRFEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
e7c490dfc1ecdf0147cd6ef4edae3e20
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
onyx-boox-note-air-2-translation-split-screen.jpg
static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static0.makeuseofimages.com/wordpress/wp-content/uploads/2022/09/onyx-boox-note-air-2-translation-split-screen.jpg?q=50&fit=contain&w=128&h=128&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
773029e9d8fb2baf58e6c3031ad28da0a1b7695f26c72ea187c5c0bc4892d0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1049
cdn-cachedat
01/27/2023 21:33:18
cdn-pullzone
1165051
content-disposition
inline; filename="onyx-boox-note-air-2-translation-split-screen.avif"
content-length
1418
x-request-id
H2vsKL2flEo1MdbeeMGcI
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"p98JqQwHnAwBCuuwgeWQc6D94TAuOF-483-bSUrriIQ/RIk1zbDFqaUlLRWZNVFpWX1dtbDBRbFEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
731997ef3b3796d94809159351549b5b
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
chatbot-chatgpt-ai.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/01/chatbot-chatgpt-ai.jpg?q=50&fit=crop&w=230&h=150&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
0ba0c01aa98e0303b18af34201be051bbc50b9b07ba916642b7c8d8b3b06b971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1054
cdn-cachedat
01/27/2023 21:30:35
cdn-pullzone
1165051
content-disposition
inline; filename="chatbot-chatgpt-ai.avif"
content-length
3702
x-request-id
htXDj3GdlFgzREfgOlkPQ
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"_K4BCw-DhPNvhh-X9AxVW10moiXZuUIj758YkbTVtac/RImpFQVhVaFRCd2o5R1IwOWRGUi1DRHci"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
94eeb91f4f1a0f7eebb712ce0af65bd1
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ai-training-neural-network-3d.jpeg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/01/ai-training-neural-network-3d.jpeg?q=50&fit=crop&w=230&h=150&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
083ee2737abf7139096343040c1bb162a648a3a82dd90e1425ea661a045d98dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
863
cdn-cachedat
01/27/2023 21:18:01
cdn-pullzone
1165051
content-disposition
inline; filename="ai-training-neural-network-3d.avif"
content-length
8372
x-request-id
8gu8fEXFgW8OdVMBUp5ls
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"_K4BCw-DhPNvhh-X9AxVW10moiXZuUIj758YkbTVtac/RIlpkNDVPNkRCa1Vhb0VDMHAwb2RVMFEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
a714eed3ac793a5440622848147fd779
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
textured-3d-orb-in-shiny-pastel-colors.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/01/textured-3d-orb-in-shiny-pastel-colors.jpg?q=50&fit=crop&w=230&h=150&dpr=1.5
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-194.bunnyinfra.net
Software
BunnyCDN-DE1-713 /
Resource Hash
ac2473b8b14ca61ae046d5dfbbc27cd9ed570ebf53b32e82257d5973cf552d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
cdn-edgestorageid
1077
cdn-cachedat
01/27/2023 21:18:01
cdn-pullzone
1165051
content-disposition
inline; filename="textured-3d-orb-in-shiny-pastel-colors.avif"
content-length
4135
x-request-id
LqIqVFT0QF4qz2g9Fj1Oz
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"_K4BCw-DhPNvhh-X9AxVW10moiXZuUIj758YkbTVtac/RIjFHU0ZrVVVyMVBHdFdDakxkUndoS1Ei"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
3537aad65407ce6d24c6a1979db0377e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
accuracy
link.monetizer101.com/shop-rest/api/int/shop/1424/compare/prices/usd_en/by/ 		2 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://link.monetizer101.com/shop-rest/api/int/shop/1424/compare/prices/usd_en/by/accuracy?search-keywords=&exclude-keywords=&price-range=*-*&filter-merchant=&prefer-merchant=&barcode=&limit=3&sid=&url=%3FlinkCode%3Dll1%26tag%3Dmuo-v2-36g8bfo-20%26linkId%3Dbdd717ffb5c24c2184aea53e5924a302%26language%3Den_US%26ref_%3Das_li_ss_tl%26ascsubtag%3DUUmuoUeUpU2010352%26_%3D%2FBOOX-Note-10-3-eNote-Tablets%2Fdp%2FB09JBC4C67%23D0ZmU6%2BV0dzk6QE%2FSKGa3OqGg3DqfQ%3D%3D&merchant-exclusion=current&layout=&amazon-tag=&xp=12&display=&referrer=https://notepad-setup.top/
Requested by
Host: link.monetizer101.com
URL: https://link.monetizer101.com/widget/price-comparison/app.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:40 GMT
Content-Encoding
gzip
Via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
Server
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips
X-Amz-Cf-Pop
FRA2-C1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
22
X-Amz-Cf-Id
n_y5NJrLO3siV96i9F49kWIyeX0SH-Klx86EWRIRYkVMpc86SXS4nA==
Expires
Thu, 01 Jan 1970 00:00:00 GMT
b-8db6969-3f7932e5.js
tagan.adlightning.com/valnet/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/b-8db6969-3f7932e5.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-107.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5967d24fcf2654a3d788c31a23ab9fa046f205868dc6e06f38de6d0dc5772e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 23:28:53 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-version-id
bu0SoHjXCZhHYlScBCeEJEUKk.hkjRrT
x-amz-cf-pop
FRA2-C2
age
724968
x-cache
Hit from cloudfront
content-length
33092
x-amz-meta-git_commit
8db6969
last-modified
Mon, 07 Nov 2022 22:02:37 GMT
server
AmazonS3
etag
"b7743634c2b90845a15bea2721de3ec8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7DLKTes-Tj6--3s8NtGF6UiRTA0yT0RqyTv6BQWjuY78L5ZrU2GLug==
bl-f140f48-22f4fe73.js
tagan.adlightning.com/valnet/ 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/bl-f140f48-22f4fe73.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-107.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba1ad8dc1b15631ff39e3611c1dfdc00ba2f6e6e76e69d2eb43ad0ff87077422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 06:14:38 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-version-id
5XXaIJbETJpvgHiO_.CR0oEqeR3A9juW
x-amz-cf-pop
FRA2-C2
age
182223
x-cache
Hit from cloudfront
content-length
39648
x-amz-meta-git_commit
f140f48
last-modified
Thu, 26 Jan 2023 06:14:13 GMT
server
AmazonS3
etag
"2eedcedd7492cd085f9740630c7369c4"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8L2te4mscoxxRYycTnpIk-8yzw--BQ7AGx_fwxoQXz3NH-Z3Mry50Q==
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/ Frame FAA2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notepad-setup.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Jan 2023 07:54:31 GMT
etag
10353107486223812946
expires
Sat, 11 Feb 2023 07:54:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
269
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/269?_it=amazon
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb6ea4e4e5a3fcd56032440272a3eb22516ebdc1e772aedc3035f2b6c7f6b88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 28 Jan 2023 08:51:05 GMT
server
cloudflare
age
35
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
79087cd16e729b63-FRA
skeleton.js
static.adsafeprotected.com/ 		17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:33:19 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
4774702
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
-zYy9oay920UaGBZHUSNR5DwUl8snqVIDh02noD4hCKtOuqq80pOQw==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
b0fdf2c5c9e8a127ac751ec6b08ec02d49562f1a82761886a5c7740b95126002
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://notepad-setup.top
date
Sat, 28 Jan 2023 08:51:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a73fecb64231e1e5185732c8600fdeaa8cf9cddf3e59501fdf908fbc3329b6d0

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://notepad-setup.top
date
Sat, 28 Jan 2023 08:51:40 GMT
content-length
54
vary
Origin
content-type
application/json
liveView.php
live.primis.tech/live/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ecd8d035674cd0386fd015de8ec5d38ddc49cbbde9e6d61a2cf6f7a78a88eafc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
egvOwrlMEWcNwOe3N5zNPb9cgQH1QRJh9ompxonv_4JG6qX3HOimQw==
pixel.png
notepad-setup.top/ 		196 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22id%22:%222020764%22,%22position%22:%22sidebar-pinned-listing-page-article-1%22},{%22id%22:%222020921%22,%22position%22:%22sidebar-pinned-listing-page-article-2%22},{%22id%22:%222020752%22,%22position%22:%22sidebar-pinned-listing-page-article-3%22},{%22id%22:%222020853%22,%22position%22:%22sidebar-pinned-listing-page-article-4%22},{%22id%22:%222019592%22,%22position%22:%22sidebar-pinned-listing-page-article-5%22},{%22id%22:%221188366%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22}],%22eventType%22:%22impression%22}---&rdm=0.09082210773147947
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fpublic%2Fbuild%2Fvalnet-footer.f1af4736.js%23D0ZmU6%2BV0dzk6QE%2FRK2Qw%2FCbyHzjPgTzig%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQPCMCU29Qsk8J3MZlUVwGStJITyU5y%2FHZHb3qXA%2FlgVWIeYo73EHLd2MMrlQT0L7k0v%2FFzlcXB0oopHB82sKO%2FYtvsjcn2KJJnDU%2F1BFM4V5Puxaurt%2B3QbxhmZ%2B9wT%2BXwuHsJHfCOU8PyNMTPBTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
79087cd19e0ebba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
518.json
id5-sync.com/g/v2/ 		216 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/518.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
6fcd723f951dd92bb83291c86ee1a047bab7bfd133156bb13162cb8012bbf514
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://notepad-setup.top
date
Sat, 28 Jan 2023 08:51:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
liveView.php
live.primis.tech/live/ Frame 2DAE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bb4aaef3da7f0a7321b81cd3f7b854f4de70e5b589ca7a8e22f842acd35835a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
t8pVRRA3AGcnMLpUIyOvUZbspm-ZKh-RN9CP1ONRVDllfjDhGV3aFg==
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 2DAE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
wZ1sOgZcYZRpYcSfvic1TrjYSQq09l2rPkI61c8LnNSQ50LUK6mBXw==
expires
Sun, 28 Jan 2024 08:51:39 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 2DAE 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
8n-yQ_omLfDLMLbCj_9z_puF51T8UAX1XSfhJyF7zZf5k6w8xiBC7w==
expires
Sun, 28 Jan 2024 08:51:40 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 2DAE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
29kPj3CrM7nRAxG5uoFLUlEG_a5CfJJWWDFbgd0nuLHvhgBvulX-rQ==
expires
Sun, 28 Jan 2024 08:51:39 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 2DAE 		258 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
-krmapxVCztFfZTl9GBcgSsUKfvlLY2StUwhBN1M4mNALoXkXoTfVg==
expires
Sun, 28 Jan 2024 08:51:40 GMT
prebidVid.7.16.0_6.min.js
live.primis.tech/content/prebid/ Frame 2DAE 		513 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1bc8f41dd445ae1683561f8ccbf395101dcb922f2d1b902c74c58200bb73ded3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 09:24:31 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"63ce524f-80519"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
ZN2tuOOG5XQ69k-ycKZec4rWHzZgp5uZJZuT9JPEXj_2pY7MF0Csxg==
expires
Sun, 28 Jan 2024 08:51:40 GMT
liveVideo.php
live.primis.tech/live/ Frame 2DAE 		560 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30312D32385F31307D7B7331363735303030317D7B4335377D7B53625856764C584A6C5A793176636D6466626D39305A5842685A43317A5A585231634335306233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313434317DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F109.0.5414.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1674895900&csuuid=63d4e21c818bd&debugInfo=16750001_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16750001&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a51shulyijv&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fnotepad-setup.top%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=11441&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BMUO-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fnotepad-setup.top%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108507&subId=[MUO-Reg-Org]&x=728&y=410&cbuster=1674895900&pubUrlAuto=https%3A%2F%2Fnotepad-setup.top%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e5f0b3f710a85df43f3fdf4aaf5ea448765d1b21b53bc945de7873a1a1d9e9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
SLWqH62N_TxeKHnGSuOt9zJLxzYVRbV7wMYQYJi_uOU56boljS5akg==
v2kdghBHmCMD6VD9kd8aZjjk0v4T3j7BbyBYgJHNEsio0v0xd7iSGw8c8fxFsFtvL9kayzBg7
aloofvest.com/ 		206 B
722 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aloofvest.com/v2kdghBHmCMD6VD9kd8aZjjk0v4T3j7BbyBYgJHNEsio0v0xd7iSGw8c8fxFsFtvL9kayzBg7
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fv2gkdtcolbyyvETUl8BRxrOr2e50_I7MAvHoA1avRR_S9Erkyjiz8Kn0%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3e59cc5ad1a1f54b8d56b664ccd5743836015bc4414bbc2566cf5a86ee2b3d28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 28 Jan 2023 08:51:40 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
x-hostname
fen-hoothoot-europe-west1-spot-218p
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 28 Jan 2023 08:51:39 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:39 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:13:08 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
etag
W/"63bc12e4-465a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
HCZJalhz-j9q4CsZ1scNsR9cFx1Y-SQ_V3snQUqcmvyppGUeEQ3QqA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2DAE 		191 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30312D32385F31307D7B7331363735303030317D7B4335377D7B53625856764C584A6C5A793176636D6466626D39305A5842685A43317A5A585231634335306233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313434317DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F109.0.5414.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1674895900&csuuid=63d4e21c818bd&debugInfo=16750001_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16750001&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a51shulyijv&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fnotepad-setup.top%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=11441&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BMUO-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fnotepad-setup.top%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0d19353c945d66184d063ccb4c33fa2e2014c35b8a7a8a56416e34531f90e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:38:48 GMT
content-encoding
gzip
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
last-modified
Wed, 25 Jan 2023 21:28:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
773
x-amz-server-side-encryption
AES256
etag
W/"676ff20d9a1610954eca1e1b18855dbf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
5dkpNfLwmBMh-_SVQbmEv6BHj3Lz4LPOyNhTIVoHYkfdkLI7eo4Giw==
css
fonts.googleapis.com/ 		1 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 28 Jan 2023 08:00:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Jan 2023 08:51:40 GMT
liveView.php
live.primis.tech/live/ Frame 2DAE 		60 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1ZDFyOTU3YmU2MDAkMTEkMTMjJTJGqzyxNwNxMTFzZTt0MDVzOTQ0NTM4NTE4Nv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFnREZfT1RVM1y6VTJNREF4TVRFrE1UTXqMM1cjWxRZrycERXunoVU0TxRBMVcdnmBORFV6T0RVrE9EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzMjT0RVMx9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56VXqOVFEjTxRBS2ZRLzuuSEylpl1kNDNIQzflZayOZFcGrWqeWv1xZxRhT2yHZE9wqay4S2glRDQzqzyxX2NioaRyoaRsnWQ9Mwt4NDQkMlZ2nWRsY29hqGVhqF9xZXNwPUuiqlg0olgmZXR1pCg0nGUeUzFmpGJypaJ5K1BcK1RiqWNbp2NlZWVhJaZcZF9wo250ZW50X3RcqGkyPUuiqlg0olgmZXR1pCg0nGUeUzFmpGJypaJ5K1BcK1RiqWNbp2NlZWVhJaZcZF9wo250ZW50X2R1pzF0nW9hPTE5MvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMmJat9NmI4Jax9NDEjJaB1YyVloD1bqHRjplUmQSUlRvUlRz5iqGVjYWQgp2V0qXAhqG9jJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMjMmElRDMlMmt1RwMkMmA3RDqCNmMmMTM2MmpmNTMjMmAmMDMkN0Q3QwQmMmUmNmqEN0I1MmYlNTt1Nwp2NEM1ODRBNxM1QTp5MmE3NwYmNxQ2NDY2NwI2RDM5MmA1QTU4NDI2ODVBNDMmMTqBNUE1ODUlMmE2MmQmMmUmMDYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM3MmImODqEN0I1OTM0MmEmMDqEN0I2NwMkN0Q3QwRDMmEmMTM0MmQmMTqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZho3RypGFxLXNyqHVjLaRipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MzEjMCUmQWM5OCUmQTIjNTAyM0FuMDA3JTNBMvUmQSUmQTMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOS4jLwU0MTQhMTE5K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JaN1YxyxPSU1Qx1VTl1SZWpgT3JaJTVEJzNmqXVcZD02M2Q0ZTIkYmtkOGJxJzNvqXN0ZXI9MTY3NDt5NTxjMDY5MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30312D32385F31307D7B7331363735303030317D7B4335377D7B53625856764C584A6C5A793176636D6466626D39305A5842685A43317A5A585231634335306233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313434317DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F109.0.5414.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1674895900&csuuid=63d4e21c818bd&debugInfo=16750001_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16750001&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a51shulyijv&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fnotepad-setup.top%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=11441&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BMUO-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fnotepad-setup.top%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
14f20ddde45a5d51850dcfe4fbd3fc683c7d785930dabdea4415fab48da2e434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://notepad-setup.top
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
7492
x-amz-cf-id
jDVnEj29GMmBMiEMI5jfikeFTldUrr3YIzmXSCTPRic_n4yUcGu8mQ==
liveView.php
live.primis.tech/live/ Frame 2DAE 		60 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1ZDFyOTU3YmU2MDAkMTEkMTMjJTJGqzyxNwNxMTFzZTt0MDVzOTQ0NTM4NTE4Nv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFnREZfT1RVM1y6VTJNREF4TVRFrE1UTXqMM1cjWxRZrycERXunoVU0TxRBMVcdnmBORFV6T0RVrE9EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzMjT0RVMx9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56VXqOVFEjTxRBS2ZRLzuuSEylpl1kNDNIQzflZayOZFcGrWqeWv1xZxRhT2yHZE9wqay4S2glRDQzqzyxX2NioaRyoaRsnWQ9Mwt4NDQkMlZ2nWRsY29hqGVhqF9xZXNwPUuiqlg0olgmZXR1pCg0nGUeUzFmpGJypaJ5K1BcK1RiqWNbp2NlZWVhJaZcZF9wo250ZW50X3RcqGkyPUuiqlg0olgmZXR1pCg0nGUeUzFmpGJypaJ5K1BcK1RiqWNbp2NlZWVhJaZcZF9wo250ZW50X2R1pzF0nW9hPTE5MvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMmJat9MmQjJax9MTxkJaB1YyVloD1bqHRjplUmQSUlRvUlRz5iqGVjYWQgp2V0qXAhqG9jJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMjMmElRDMlMmt1RwMkMmA3RDqCNmMmMTM2MmpmNTMjMmAmMDMkN0Q3QwQmMmUmNmqEN0I1MmYlNTt1Nwp2NEM1ODRBNxM1QTp5MmE3NwYmNxQ2NDY2NwI2RDM5MmA1QTU4NDI2ODVBNDMmMTqBNUE1ODUlMmE2MmQmMmUmMDYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM3MmImODqEN0I1OTM0MmEmMDqEN0I2NwMkN0Q3QwRDMmEmMTM0MmQmMTqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZho3RypGFxLXNyqHVjLaRipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MzEjMCUmQWM5OCUmQTIjNTAyM0FuMDA3JTNBMvUmQSUmQTMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOS4jLwU0MTQhMTE5K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JaN1YxyxPSU1Qx1VTl1SZWpgT3JaJTVEJzNmqXVcZD02M2Q0ZTIkYmtkOGJxJzNvqXN0ZXI9MTY3NDt5NTxjMDY5MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30312D32385F31307D7B7331363735303030317D7B4335377D7B53625856764C584A6C5A793176636D6466626D39305A5842685A43317A5A585231634335306233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313434317DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F109.0.5414.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1674895900&csuuid=63d4e21c818bd&debugInfo=16750001_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16750001&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a51shulyijv&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fnotepad-setup.top%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=11441&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BMUO-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fnotepad-setup.top%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
028ab28099c5024a05212bf444debc41de781b9f6ec518e91aad07c6ce9f7267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://notepad-setup.top
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
7490
x-amz-cf-id
Jb4XyA5SsXSi_TD_VsJfaGec_UZ6jd3vuYEFna9uv9WjSb7NG1Vvzg==
liveView.php
live.primis.tech/live/ Frame 2DAE 		35 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1ZDFyOTU3YmU2MDAkMTEkMTMjJTJGqzyxNwNxMTFzZTt0MDVzOTQ0NTM4NTE4Nv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFnREZfT1RVM1y6VTJNREF4TVRFrE1UTXqMM1cjWxRZrycERXunoVU0TxRBMVcdnmBORFV6T0RVrE9EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzMjT0RVMx9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56VXqOVFEjTxRBS2ZRLzuuSEylpl1kNDNIQzflZayOZFcGrWqeWv1xZxRhT2yHZE9wqay4S2glRDQzqzyxX2NioaRyoaRsnWQ9Mwt4NDQkMlZ2nWRsY29hqGVhqF9xZXNwPUuiqlg0olgmZXR1pCg0nGUeUzFmpGJypaJ5K1BcK1RiqWNbp2NlZWVhJaZcZF9wo250ZW50X3RcqGkyPUuiqlg0olgmZXR1pCg0nGUeUzFmpGJypaJ5K1BcK1RiqWNbp2NlZWVhJaZcZF9wo250ZW50X2R1pzF0nW9hPTE5MvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMmJat9NmI4Jax9NDEjJaB1YyVloD1bqHRjplUmQSUlRvUlRz5iqGVjYWQgp2V0qXAhqG9jJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMjMmElRDMlMmt1RwMkMmA3RDqCNmMmMTM2MmpmNTMjMmAmMDMkN0Q3QwQmMmUmNmqEN0I1MmYlNTt1Nwp2NEM1ODRBNxM1QTp5MmE3NwYmNxQ2NDY2NwI2RDM5MmA1QTU4NDI2ODVBNDMmMTqBNUE1ODUlMmE2MmQmMmUmMDYlMmM0MTNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM3MmImODqEN0I1OTM0MmEmMDqEN0I2NwMkN0Q3QwRDMmEmMTM0MmQmMTqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZho3RypGFxLXNyqHVjLaRipCUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MzEjMCUmQWM5OCUmQTIjNTAyM0FuMDA3JTNBMvUmQSUmQTMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOS4jLwU0MTQhMTE5K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JaN1YxyxPSU1Qx1VTl1SZWpgT3JaJTVEJzNmqXVcZD02M2Q0ZTIkYmtkOGJxJzNvqXN0ZXI9MTY3NDt5NTxjMDY5MlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30312D32385F31307D7B7331363735303030317D7B4335377D7B53625856764C584A6C5A793176636D6466626D39305A5842685A43317A5A585231634335306233413D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313434317DFEFE&userIpAddr=2a00%3Ac98%3A2050%3Aa007%3A2%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F109.0.5414.119+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1674895900&csuuid=63d4e21c818bd&debugInfo=16750001_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16750001&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a51shulyijv&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fnotepad-setup.top%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=11441&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BMUO-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fnotepad-setup.top%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7962dc90f0f561962772adfa321219877a9529e139e525bd1234a5fb98c3cdb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://notepad-setup.top
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
5836
x-amz-cf-id
JlhCIQoyOm91COkRr1DIZPu4VBwrTZmdW8yCEsutFYnjpdZfUZgYrA==
logo_11441.png
video.primis.tech/uploads/video/users/logo/30875/ 		902 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/video/users/logo/30875/logo_11441.png?cbuster=1631182141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f07e8fdac46769a0b6346efb750010588b413ca31b1161549de9cb94864bf499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 06:01:43 GMT
via
1.1 55429f2d64d86ac51a104a1c84030e14.cloudfront.net (CloudFront), 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C1, FRA2-C1
age
10232
x-cache
Hit from cloudfront
content-length
902
last-modified
Thu, 09 Sep 2021 10:09:01 GMT
server
nginx
etag
"355a6ec52e1ed8c0416d0ad30e3c8d55"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
J8hOO9AglS_ae0NvouzTayPWknASGlryKzGbYBzn3EZdZqIWzNdYkQ==
expires
Sun, 29 Jan 2023 06:01:08 GMT
liveView.php
live.primis.tech/live/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY3NDt5NTxjMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4NTA3JaN0YT0jJat9NmI4Jax9NDEjJaZcZF9jYXNmRG9gYWyhPW5iqGVjYWQgp2V0qXAhqG9jJaN1YxyxPW11ol1lZWpgo3JaX25iqGVjYWQgp2V0qXAhqG9jJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmMTJEMmImODVGMmEmMDqEN0I3MmMkMmYmNmM1MmAmMDMjMmE3RDqCNDMmNTM3N0Q3QwUmNwI1ODU2NmY0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2MwZEMmxmMDVBNTt0MwY4NUE0MmMkN0E1QTU4NTImMTYmNDMmNTMjNwImMmQkM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmpmMwM4N0Q3QwU5MmQmMTMjN0Q3QwY2MmE3RDqCNEMmMTMkMmQmNDMkN0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTJuMDAyM0FwOTtyM0ElMDUjJTNBYTAjNlUmQTIyM0EyM0EmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjOS4jLwU0MTQhMTE5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02M2Q0ZTIkYmtkOGJxJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NmQ4OTU5MDA2ODIzqWyxPVNyn2yhZG9TUGkurWVlNwNxNGUlMWM4ZWQlNlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZho3RypGFxLXNyqHVjLaRipCUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
cvTv3tkoaaam9ZkaxXKEp48npBDHv_9MOjm4VPAQitOJvJU9mRR7-A==
vid63d11fe8405f9445385186.jpg
video.primis.tech/uploads/cn12/video/users/converted/30875/video_6135d1e957c56001111130/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.jpg?cbuster=1674649589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d4e056aa15aed5219527e01a55baac5880fd7d153cf3227100aa0ce6f79549a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 04:49:09 GMT
via
1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront), 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P2, FRA2-C1
age
14637
x-cache
Hit from cloudfront
content-length
17781
last-modified
Wed, 25 Jan 2023 12:27:21 GMT
server
nginx
etag
"8390d5f0297911e1250ac99e113e9183"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
dtLPyw5Nj59Wdn8fN9NAdEc0cuT2kDuwuoB3KIfdlBxj5y5ESRuzLQ==
expires
Sun, 29 Jan 2023 04:47:42 GMT
v2rdj9DniRhemV1yMEu-B4qC4TK7CxNirpW0RRt_nZv41wAWdizVSPPWs4dYhkW-oFkCTPCtX
aloofvest.com/ 		2 KB
857 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aloofvest.com/v2rdj9DniRhemV1yMEu-B4qC4TK7CxNirpW0RRt_nZv41wAWdizVSPPWs4dYhkW-oFkCTPCtX
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fv2gkdtcolbyyvETUl8BRxrOr2e50_I7MAvHoA1avRR_S9Erkyjiz8Kn0%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
17ffe1845b38780a68edf6010c4268c4bcb09f16d362e4eddb35e6fbf3dc8b95
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Sat, 28 Jan 2023 08:51:40 GMT
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
780
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
x-hostname
fen-hoothoot-europe-west1-spot-218p
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2DAE 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
date
Fri, 27 Jan 2023 12:26:44 GMT
x-amz-cf-pop
FRA2-C1
age
73497
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PERhoKYs5BEaMLS-fC0Bv1FUUA1dSJyUzOYngtzmtMSybeXfgll8UA==
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 2DAE 		185 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.218.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-218-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1bce8c1bb8a8bca0562c129090fe4f3fef04a19f23c2b9146f801d6f688d686c

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.109.0
content-type
application/json
access-control-allow-origin
https://notepad-setup.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 2DAE 		36 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=922753&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2239a4c9e765916e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnotepad-setup.top%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.16.0%22%2C%22userIds%22%3A%5B%22pubProvidedId%22%5D%2C%22url%22%3A%22https%3A%2F%2Fnotepad-setup.top%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2F108507%22%2C%22adunitcode%22%3A%22adUnit_3%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224af1dfc2ba6d3f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22922753%22%2C%22tid%22%3A%2214ebb637-e97b-49ec-930c-7658ec2585f1%22%2C%22sid%22%3A%22728x410%22%2C%22fl%22%3A%22x%22%2C%22gpid%22%3A%22%2F108507%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B728%2C410%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A728%2C%22h%22%3A410%7D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229f348689-0c05-482e-9549-5afc2d2a7da9%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1228e1621dbdf6ee9e93456433e986824d432d04fbcdb3ed2370a7ca7a9a878

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWPwdPRCHNRiYjH4C6RNZdIF6gbW64LwpRSxMqxbjMTQT%2BzjsywlT%2BrSZfC5Ku0qT%2BtSk2S%2BhwijwuE%2FwTr5gO4A3mElsepIDKnak%2FhyOg4JDM07GvO0R5joOFIbFAK9Wz%2FoZpS2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://notepad-setup.top
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
79087cd47c752bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ Frame 2DAE 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.16.0&referrer=https%3A%2F%2Fnotepad-setup.top%2F&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.0.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-0-151.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:40 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 2DAE 		19 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:40 GMT
AN-X-Request-Uuid
0fe3aeea-420a-4c0b-902c-bbb514fc36b4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://notepad-setup.top
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.130; 178.162.209.130; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ConsentManager,Sticky2
scarfsmash.com/v2dtreYV1SDSevyvSu-Y9pvoirSLH5udKdgpYj77Q5aIUdOtD07lJaUrSX8E_y-JxRZPRyCw/ 		274 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scarfsmash.com/v2dtreYV1SDSevyvSu-Y9pvoirSLH5udKdgpYj77Q5aIUdOtD07lJaUrSX8E_y-JxRZPRyCw/ConsentManager,Sticky2
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fv2gkdtcolbyyvETUl8BRxrOr2e50_I7MAvHoA1avRR_S9Erkyjiz8Kn0%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
db636a80688df443d34f247e0b5045c4676d4b5b1095c2a497c3d7399df6730e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://notepad-setup.top/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 28 Jan 2023 08:51:40 GMT
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter
gce-europe-west1
etag
"5f1814c848c86e3cf92be0cf4ae137cec2ab61842ee41f3994fe9d10ef2c3cb7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
x-hostname
fen-hoothoot-europe-west1-spot-218p
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
vid63d11fe8405f9445385186.jpg
video.primis.tech/uploads/cn12/video/users/converted/30875/video_6135d1e957c56001111130/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.jpg?cbuster=1674649589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d4e056aa15aed5219527e01a55baac5880fd7d153cf3227100aa0ce6f79549a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 04:49:09 GMT
via
1.1 0878f88c5343da8d67032ec6de2d7e04.cloudfront.net (CloudFront), 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P2, FRA2-C1
age
14637
x-cache
Hit from cloudfront
content-length
17781
last-modified
Wed, 25 Jan 2023 12:27:21 GMT
server
nginx
etag
"8390d5f0297911e1250ac99e113e9183"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
8gtIQrT41l-oow8aRy9nL_z2p5VOdx98GgcT3Jq-2PAUMWa7Sq_YmQ==
expires
Sun, 29 Jan 2023 04:47:42 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 19:25:00 GMT
x-content-type-options
nosniff
age
221201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jan 2024 19:25:00 GMT
css2
fonts.googleapis.com/ 		7 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fvalnet%2Fop.js%23D0ZmU6%2BV0dzn%2FxFwR%2BKawumBynvxfg7ygA4cwHY%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 28 Jan 2023 08:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 28 Jan 2023 07:16:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Jan 2023 08:51:41 GMT
domains
api.viglink.com/api/ 		42 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.179.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-179-146.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
3be20195043838a06b1b4e16442a66d69bcda3df2142b510a367e680bb4d2ab5

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:40 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://notepad-setup.top
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
acv.json
notepad-setup.top/ 		196 B
598 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://notepad-setup.top/acv.json
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fv2gkdtcolbyyvETUl8BRxrOr2e50_I7MAvHoA1avRR_S9Erkyjiz8Kn0%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PJ8aumrKB1nKmLgWgSWMkozfynM3FbBCmxS40FVHKDfxAzzxCQiyWqxmC7Nxz%2BRdxffy2sFW%2FVh0n6RW8nDtKwU6gColEjJshzDUQxhGTeOQdgESJ7fcbpLA21Qti2UwW4LfIVuAflPkThgWvIktg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
79087cd64d75bba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MTIsMTM3Y2UzNjc2ZjQ3
images.getadmiral.com/ 		763 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.getadmiral.com/MTIsMTM3Y2UzNjc2ZjQ3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:51:41 GMT
strict-transport-security
max-age=15552000; preload
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-buildnumber
740336640
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
763
server
cloudflare
x-datacenter
gce-europe-west1
etag
"2c607cb7"
x-buildname
dank
vary
Accept-Encoding
x-hostname
backend-europe-west1-thgc
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLhxUvVtObEaPuVIytoUfAMBXrq6Uf3gF4SK%2FlTd7S%2BI0lq9QSQx876Xu4yjYku3p9G%2F8VBHtWcj1QouBqXm9nEr1sbWSUFy%2BkAuFk%2B23WK5nXiMYPdQO63DyoEhNlL6LwkhkLzkPOgugIeNm0%2BVotczsQc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, must-revalidate, max-age=3600
cf-ray
79087cd68ed0bbe3-FRA
v2dttPFvNc7TsBw3Y_6X8MvC8e9PPUg2gcA4ZH9paNwxRz4oKaJ3lhr-mc7Jeun8nUTGsHRDgKQ
aloofvest.com/ 		2 B
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aloofvest.com/v2dttPFvNc7TsBw3Y_6X8MvC8e9PPUg2gcA4ZH9paNwxRz4oKaJ3lhr-mc7Jeun8nUTGsHRDgKQ
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fv2gkdtcolbyyvETUl8BRxrOr2e50_I7MAvHoA1avRR_S9Erkyjiz8Kn0%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 28 Jan 2023 08:51:41 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
x-hostname
fen-hoothoot-europe-west1-spot-218p
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 28 Jan 2023 08:51:40 GMT
prebid
id5-sync.com/api/config/ Frame 2DAE 		135 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://notepad-setup.top
date
Sat, 28 Jan 2023 08:51:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 2DAE 		44 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 28 Jan 2023 08:51:41 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
id
id.crwdcntrl.net/ Frame 2DAE 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.21.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-21-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://notepad-setup.top
cache-control
no-cache
x-server
10.45.4.202
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 2DAE 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
cdd12b3a4781926de8450e5f2d50f235b5ccc6bcdd4e37cf99e764b33bcaa6ac

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 28 Jan 2023 08:51:42 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 27 Feb 2023 08:51:41 GMT
sync
eb2.3lift.com/ Frame 2DAB 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://notepad-setup.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 28 Jan 2023 08:51:41 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 0633 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://notepad-setup.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
216
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
79087cdb5bd99213-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 28 Jan 2023 08:51:41 GMT
expires
Sat, 28 Jan 2023 12:51:41 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9F31 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://notepad-setup.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 Jan 2023 08:51:41 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 9F31 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8a9aeb58f35905d66e7eaea8b61896e221c1ca99d957ad7e060b77e8352ccf2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 28 Jan 2023 08:51:41 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 05:38:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74763
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 05:37:44 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 2DAE 		33 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
b0fdf2c5c9e8a127ac751ec6b08ec02d49562f1a82761886a5c7740b95126002
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://notepad-setup.top
date
Sat, 28 Jan 2023 08:51:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
khaos.jpg
token.rubiconproject.com/ Frame 9F31 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
212.json
id5-sync.com/g/v2/ Frame 2DAE 		216 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
5ee8f3df8f705593dc378318f2d68d53e1c3ed80f9ae8c7ea4c87eccb55dfa3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://notepad-setup.top
date
Sat, 28 Jan 2023 08:51:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 9F31 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 9F31 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 9F31 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 28 Jan 2023 08:51:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 9F31
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GuzV4NXTRAetGyuEwgYh9g&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GuzV4NXTRAetGyuEwgYh9g&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GuzV4NXTRAetGyuEwgYh9g&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MPMR7WNG2SE21JS2Q331
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GuzV4NXTRAetGyuEwgYh9g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bridge
cm.adgrx.com/ Frame 9F31 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:42 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-5
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 9F31
Redirect Chain
  • https://dmp.brand-display.com/cm/api/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=be8ebc3e-edf0-3525-492f23c7
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=be8ebc3e-edf0-3525-492f23c7
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 28 Jan 2023 08:51:42 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=be8ebc3e-edf0-3525-492f23c7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
token
token.rubiconproject.com/ Frame 9F31 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9F31
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0&us_privacy=1---
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=6lhefvEa1PlGW25&expires=30&gdpr=0&us_privacy=1---
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=6lhefvEa1PlGW25&expires=30&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Sat, 28 Jan 2023 08:51:41 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-764-ga8a59a9#rel-ec2-master i-06a3ae00cce44eebf@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=6lhefvEa1PlGW25&expires=30&gdpr=0&us_privacy=1---
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
chunklist_480.m3u8
video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/ 		1 KB
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
61551b609fdad1a27e6b939a4a88a499805731d605df82ec198467ed07fe85e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 05:01:48 GMT
via
1.1 72e3de93da5ba7406e21c3fba726a4ca.cloudfront.net (CloudFront), 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
IAH50-P2, FRA2-C1
age
13907
x-cache
Hit from cloudfront
last-modified
Wed, 25 Jan 2023 12:28:21 GMT
server
nginx
etag
W/"216a949370bed1920056daf6f8f03255"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
wdgfUeSmH6jWrITqNXK-zn6VUFMA1yjSA6irfjn4WMaIZF-B_nrb1A==
expires
Sun, 29 Jan 2023 04:59:55 GMT
w_480_00000.ts
video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/ 		393 KB
394 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
48599b7e893adf78709d0b31f6c40fc26c1a3a19cb6c388f8049e72b327d9bfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:27:26 GMT
via
1.1 06ea45bb5683bd29972da02346cce480.cloudfront.net (CloudFront), 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P2, FRA2-C1
age
66405
x-cache
Hit from cloudfront
content-length
402132
last-modified
Wed, 25 Jan 2023 12:28:21 GMT
server
nginx
etag
"3c3db13fe802f014814a5374e08241d2"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
sclN9wUjf_4fpxgWeBTQ5NqUg-UEvWEsUtLZxqfVN4opT1UUs3RWmg==
expires
Fri, 10 Feb 2023 14:24:56 GMT
c5c87888-70f0-4a0a-9c48-0bcb55e28469
https://notepad-setup.top/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://notepad-setup.top/c5c87888-70f0-4a0a-9c48-0bcb55e28469
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
w_480_00001.ts
video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/ 		297 KB
298 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d630237ac601bdc1331ebefe560180a1d02172ac96326f955d6bb27b990d5d89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:27:26 GMT
via
1.1 95a7b3c60127f88f316c1c042cf353c2.cloudfront.net (CloudFront), 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, FRA2-C1
age
66405
x-cache
Hit from cloudfront
content-length
304560
last-modified
Wed, 25 Jan 2023 12:28:21 GMT
server
nginx
etag
"fd94119a7a10b1834f4ef6089353068a"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
XlAwnTOlqYflta01pWHCvTSjTfeODmP_rO1VV31_1BmmvBh4oq61wQ==
expires
Fri, 10 Feb 2023 14:24:57 GMT
w_480_00002.ts
video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/ 		246 KB
247 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bbf553318569e07de3ec3fd91d7d95fe84db133ff184652619acac97eefad236

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:27:27 GMT
via
1.1 280c9d4266c690eca29338d5796c8f9c.cloudfront.net (CloudFront), 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-P2, FRA2-C1
age
66404
x-cache
Hit from cloudfront
content-length
252296
last-modified
Wed, 25 Jan 2023 12:28:21 GMT
server
nginx
etag
"a1ab7352da10dc5af4ec35189f5d1f43"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
0Q300I8bEqowDLk2m6IA8vl6EGYLw3OQmt8amMt7QWEErGhpQNC18g==
expires
Fri, 10 Feb 2023 14:24:58 GMT
w_480_00003.ts
video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/ 		254 KB
255 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
06fb638463a38bc92b81bc87dc4510735d37fe6886411721b74558e664fba1dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:27:27 GMT
via
1.1 92f8ba2eac28a12283a77bc938ff1728.cloudfront.net (CloudFront), 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, FRA2-C1
age
66404
x-cache
Hit from cloudfront
content-length
260380
last-modified
Wed, 25 Jan 2023 12:28:21 GMT
server
nginx
etag
"dfec9b19460f6d5b4a81f0b91cce75c4"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
Vs0im8fiQx7qZUmIIdK_Ze8CXSd58qs2MFW5MfYT7bSgq2w49txWXQ==
expires
Fri, 10 Feb 2023 14:24:58 GMT
w_480_00004.ts
video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/ 		456 KB
457 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1790db568d5e4e3e31397894c1e60eb9ea7b102d5403373e0afb7e9d3594d7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:27:28 GMT
via
1.1 c4d0bd6d2a85d29e172b23c6140fbf94.cloudfront.net (CloudFront), 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, FRA2-C1
age
66404
x-cache
Hit from cloudfront
content-length
467368
last-modified
Wed, 25 Jan 2023 12:28:21 GMT
server
nginx
etag
"069551820a87f75449aff512a5b0f1d6"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
r62apFmaqz_liZbahKzzL0neKHmo5TfpXXDyIWlH_vk_X5OaouppMA==
expires
Fri, 10 Feb 2023 14:24:58 GMT
w_480_00005.ts
video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/ 		256 KB
257 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/30875/video_6135d1e957c56001111130/vid63d11fe8405f9445385186.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0aafc509082a91925a467ffeba9f98bd45fabd43cd37660b3f39c4f974bfd0b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://notepad-setup.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:27:28 GMT
via
1.1 0f44a07f05d21dc75e935a703360349c.cloudfront.net (CloudFront), 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, FRA2-C1
age
66403
x-cache
Hit from cloudfront
content-length
262260
last-modified
Wed, 25 Jan 2023 12:28:21 GMT
server
nginx
etag
"421c800460983c9564045aade3ec5f00"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
MunvQoZXrSLu8paGwlon9oBmjfn4O35vdPUH6umIgKHbj9yw5_3RdQ==
expires
Fri, 10 Feb 2023 14:24:59 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 21:04:57 GMT
x-content-type-options
nosniff
age
128806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jan 2024 21:04:57 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://notepad-setup.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 21:04:57 GMT
x-content-type-options
nosniff
age
128806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jan 2024 21:04:57 GMT
v2kdghBHmCMD6VD9kd8aZjjk0v4T3j7BbyBYgJHNEsio0v0xd7iSGw8c8fxFsFtvL9kayzBg7
aloofvest.com/ 		193 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aloofvest.com/v2kdghBHmCMD6VD9kd8aZjjk0v4T3j7BbyBYgJHNEsio0v0xd7iSGw8c8fxFsFtvL9kayzBg7
Requested by
Host: notepad-setup.top
URL: https://notepad-setup.top/?_=%2Fv2gkdtcolbyyvETUl8BRxrOr2e50_I7MAvHoA1avRR_S9Erkyjiz8Kn0%23D0ZmU6%2BV0dzy8hl%2BT7qe1fHGznzo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
48fd37f40863f2f32b4d74dc67a2738f3e054e06707b874891e811fbbda5f66b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 28 Jan 2023 08:51:43 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://notepad-setup.top
x-hostname
fen-hoothoot-europe-west1-spot-218p
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 28 Jan 2023 08:51:42 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BQB02LSDHV&gtm=2oe1p0&_p=1045518655&cid=81787994.1674895900&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1674895899&sct=1&seg=0&dl=https%3A%2F%2Fnotepad-setup.top%2F&dt=Onyx%20Boox%20Note%20Air%202%20Review%3A%20The%20Best%2010.3-inch%20eReader%20and%20Digital%20Notepad%20of%202022&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BQB02LSDHV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://notepad-setup.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 08:51:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notepad-setup.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2dttPFvNc7TsBw3Y_6X8MvC8e9PPUg2gcA4ZH9paNwxRz4oKaJ3lhr-mc7Jeun8nUTGsHRDgKQ
aloofvest.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aloofvest.com
URL
https://aloofvest.com/v2dttPFvNc7TsBw3Y_6X8MvC8e9PPUg2gcA4ZH9paNwxRz4oKaJ3lhr-mc7Jeun8nUTGsHRDgKQ

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange string| VALNET_GLOBAL_FBAPPID string| VALNET_GLOBAL_GOOGLEANALYTICSPROPERTYID string| VALNET_GLOBAL_POSTID string| VALNET_GLOBAL_AUTHOR string| VALNET_GLOBAL_CHANNEL string| VALNET_GLOBAL_VIEW string| VALNET_GLOBAL_EXACTVIEW string| VALNET_GLOBAL_ISPREMIUM string| VALNET_GLOBAL_ENVIRONMENT string| VALNET_GLOBAL_POSTTYPE string| VALNET_GLOBAL_JREDITOR string| VALNET_GLOBAL_SREDITOR string| VALNET_GLOBAL_NUMBERPERPAGE string| VALNET_GLOBAL_ISENGAGEMENTTEST string| VALNET_GLOBAL_DETECTEDDEVICE string| VALNET_GLOBAL_IPADDRESS string| VALNET_GLOBAL_BROWSERUSERAGENT string| VALNET_GLOBAL_LENGTH string| VALNET_GLOBAL_DATEPUBLISHED string| VALNET_GLOBAL_EDITOR string| VALNET_GLOBAL_POSTPAYMENTCATEGORY string| VALNET_GLOBAL_CATEGORY string| VALNET_GLOBAL_TAGS string| VALNET_GLOBAL_ISFACEBOOKBROWSER string| VALNET_GLOBAL_ADS string| VALNET_GLOBAL_AMPTRAFFIC string| VALNET_GLOBAL_TEMPLATE string| VALNET_GLOBAL_TLDRPERMALINK string| VALNET_GLOBAL_TLDRPAGE string| VALNET_GLOBAL_TLDRTOTALNUMPAGE string| VALNET_GLOBAL_TLDRVIEWTYPE boolean| VALNET_GLOBAL_ISADBLOCK string| VALNET_GLOBAL_NETWORKCATEGORY string| VALNET_GLOBAL_CONTENTTYPE string| VALNET_GLOBAL_INTENT string| VALNET_GLOBAL_DATEREPUBLISHED string| VALNET_GLOBAL_LOGGEDINUSER string| VALNET_GLOBAL_CLASSIFICATION string| VALNET_GLOBAL_SUBSCRIPTIONPLAN string| VALNET_GLOBAL_LANG object| ga4ParamsObject function| gtag object| dataLayer string| brandName function| sendGa360Event function| sendGa4Event object| arrayOfEmbeds object| youtubeEmbedCodes function| Waypoint function| admiral object| googletag function| __tcfapi function| __uspapi object| ID5EspConfig string| valnet_site_viewType string| valnet_site_view string| valnet_site_campaign string| valnet_site_device boolean| valnet_hideAds object| reviewItemsImgs string| disqusForumShortname boolean| isPreview string| articlePermalink string| articleFetchAjaxUrl string| articleFetchCurrentPermalink string| articleFetchNextPermalink string| articleFetchExludeIds object| articleFetchWaypointElement number| articleFetchMaximum function| vglnk object| apstag object| adUnitBidderConfigs boolean| validDomain object| validDomains string| x undefined| options function| addAuSeg boolean| disqusEnable object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| webVitals boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16748958995676 undefined| vglnk_16748958995687 function| onYouTubeIframeAPIReady object| gaGlobal boolean| apstagLOADED object| apscustom boolean| google_measure_js_timing object| launchPad object| launchPadConfiguration object| node function| __launchpad boolean| creativeVendorLibraryLoaded function| ha object| lazySizesConfig object| lazySizes function| valnet_sentinel function| LatestBrowseClip function| LazyList function| Glider function| customCarousel object| shareModule function| ArticleFetchClip undefined| vglnk_16748958997499 undefined| vglnk_167489589981810 object| hadron boolean| __halo_loaded__ function| setImmediate function| clearImmediate object| ID5 object| PublisherCommonId object| regeneratorRuntime boolean| PriceComparisonLoaded object| PriceComparison object| S49bhT2 function| S49bhT3 object| xop object| -21hsttapbeo object| -zuy48lc0mww function| 4dm1r11545242527 function| AdsNinjaAdsPixelRefresher function| AdsNinjaAuction function| AdsNinjaRailAdZone function| AdsNinjaRefreshingAdZone object| pbjs object| adsNinjaHeaderBiddingManager number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| D0GmXc2 function| D0GmXc3 function| xblocker object| LbHvza function| LbHvzl object| xblacklist object| au function| subscriptionServiceGAReporting string| waypointContextKey function| loadDisqus function| clickableYTElement object| imgAdded function| makeSingleImageClickableOnLazyLoadedList function| makeGalleryImageClickableOnLazyLoadedList function| onClickToggleExpandanleBlocks function| reloadArticleCopyElements object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent489 boolean| sekindoFlowingPlayerOn object| admrlWpJsonP undefined| vglnk_167489590109011

14 Cookies

Domain/Path Name / Value
.notepad-setup.top/ Name: _ga
Value: GA1.1.81787994.1674895900
.notepad-setup.top/ Name: usprivacy
Value: 1---
.notepad-setup.top/ Name: _ga_BQB02LSDHV
Value: GS1.1.1674895899.1.0.1674895900.0.0.0
notepad-setup.top/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
notepad-setup.top/ Name: _lr_retry_request
Value: true
notepad-setup.top/ Name: _lr_env_src_ats
Value: false
notepad-setup.top/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-01-28T08%3A51%3A41%22%7D
notepad-setup.top/ Name: pbjs-unifiedid_last
Value: Sat%2C%2028%20Jan%202023%2008%3A51%3A42%20GMT
.w55c.net/ Name: wfivefivec
Value: 6lhefvEa1PlGW25
.w55c.net/ Name: matchrubicon
Value: 5
.brand-display.com/ Name: _knxq_
Value: be8ebc3e-edf0-3525-492f23c7.1674895902.0.1674895902.1674895902
.amazon-adsystem.com/ Name: ad-id
Value: A5dTR2ddMkvYnF79SnLZ9Kg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.notepad-setup.top/ Name: _awl
Value: 2.1674895903.5-8f98a816e7405c07e5d494770f9c6182-6763652d6575726f70652d7765737431-0

4 Console Messages

Source Level URL
Text
security warning URL: https://notepad-setup.top/?_=%2Fstatic%2Fcookie-sync.html%23D0ZmU6%2BV0dz%2B%2FB91B6Ga1OONyH%2F3dRGyhE8S
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://notepad-setup.top/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22id%22:%222020764%22,%22position%22:%22sidebar-pinned-listing-page-article-1%22},{%22id%22:%222020921%22,%22position%22:%22sidebar-pinned-listing-page-article-2%22},{%22id%22:%222020752%22,%22position%22:%22sidebar-pinned-listing-page-article-3%22},{%22id%22:%222020853%22,%22position%22:%22sidebar-pinned-listing-page-article-4%22},{%22id%22:%222019592%22,%22position%22:%22sidebar-pinned-listing-page-article-5%22},{%22id%22:%221188366%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22}],%22eventType%22:%22impression%22}---&rdm=0.09082210773147947
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://notepad-setup.top/acv.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aloofvest.com
api.rlcdn.com
api.viglink.com
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.viglink.com
cm.adgrx.com
dmp.brand-display.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googleads.g.doubleclick.net
htlb.casalemedia.com
i.w55c.net
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
images.getadmiral.com
js-sec.indexww.com
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
link.monetizer101.com
live.primis.tech
match.adsrvr.org
notepad-setup.top
pixel.rubiconproject.com
pm.w55c.net
prebid-server.rubiconproject.com
region1.google-analytics.com
s.amazon-adsystem.com
scarfsmash.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
static.adsafeprotected.com
static0.makeuseofimages.com
static1.makeuseofimages.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
unpkg.com
video.primis.tech
www.googletagmanager.com
www.googletagservices.com
aloofvest.com
104.109.78.125
104.18.33.19
13.224.189.97
13.224.195.78
13.225.78.107
13.225.78.36
13.225.78.86
13.248.245.213
143.204.215.42
15.197.193.217
162.19.138.116
162.19.138.117
172.64.151.162
185.59.220.194
2.19.44.144
2001:41d0:701:1000::31d2
2001:4860:4802:32::36
2600:1901:0:4277::1
2600:1901:0:d733::1
2600:9000:20eb:4000:1:6448:6d00:93a1
2600:9000:20eb:8a00:1a:5235:f980:93a1
2600:9000:21f3:2a00:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:10::ac43:17ea
2606:4700:20::681a:b19
2606:4700:3030::ac43:d8e8
2606:4700:3034::6815:4466
2606:4700::6810:7aaf
2a00:1450:4001:810::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400d:802::2002
2a00:1450:400d:80e::200a
3.65.84.173
3.67.159.22
34.111.151.213
34.120.133.55
35.157.0.151
37.252.171.52
52.213.179.146
52.213.21.133
52.29.218.170
52.33.28.104
52.46.151.131
69.173.144.138
72.251.241.196
028ab28099c5024a05212bf444debc41de781b9f6ec518e91aad07c6ce9f7267
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f9845067a408e5eeb5f3ced5c3ba8eb8a4568d451d69a2166fb697a44ff58c
06fb638463a38bc92b81bc87dc4510735d37fe6886411721b74558e664fba1dc
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
083ee2737abf7139096343040c1bb162a648a3a82dd90e1425ea661a045d98dd
0aafc509082a91925a467ffeba9f98bd45fabd43cd37660b3f39c4f974bfd0b1
0ba0c01aa98e0303b18af34201be051bbc50b9b07ba916642b7c8d8b3b06b971
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d8796f34f3382f78df61bcc4b9742654ffee16780caf4c2ae04e0344ab07e7e
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
10f69827dd500f24773a0f2e6683f59566a234ad4077ef07ee1065dccb727f3a
1178dde60f1bb0f50d423b806951b819e06f2489de18ea16260edf3819d77217
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
14f20ddde45a5d51850dcfe4fbd3fc683c7d785930dabdea4415fab48da2e434
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1790db568d5e4e3e31397894c1e60eb9ea7b102d5403373e0afb7e9d3594d7d9
17ffe1845b38780a68edf6010c4268c4bcb09f16d362e4eddb35e6fbf3dc8b95
19ad827247983bb7b67d1f37f75c8ac8a4e178aafd12964989821659233cd44d
1bc8f41dd445ae1683561f8ccbf395101dcb922f2d1b902c74c58200bb73ded3
1bce8c1bb8a8bca0562c129090fe4f3fef04a19f23c2b9146f801d6f688d686c
1f62e8142b4a7838676d2f63022ad58869a78ae367f56489d6a578888a642427
1fd2f32ff8f7faa45f37f017373f5aed9e8fa2592777558dceb6279d2c6b6c1f
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2717c6be895dfdfb028cfe3bc3695b1b6e7fcd1144cc12a1ec5108ec67ed5493
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fce31f4f11b5d05b1bb1c66a5478b13107c304f7ca35746a336a248b9e994
33b9dfc88f0dfeac66513d142cdbfbe3fc94aca73a5793754a689c4ffc751bf8
34a425ff1bbcb73425656feb21dfe02e1b5c689c49a342831bba998821843971
36cf2479602a9aea6922ac8ac7413235d1696c522589065378698e96f0e8995d
3be20195043838a06b1b4e16442a66d69bcda3df2142b510a367e680bb4d2ab5
3d4e056aa15aed5219527e01a55baac5880fd7d153cf3227100aa0ce6f79549a
3e59cc5ad1a1f54b8d56b664ccd5743836015bc4414bbc2566cf5a86ee2b3d28
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401e6c25801ba2d59795d05a6dd973f95566b41070d3939ba9307d65860ae50e
4195236eb117ef669a3eff5c6f7c19ee06e483e2f15531469f62fc1a2852e9c6
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
48599b7e893adf78709d0b31f6c40fc26c1a3a19cb6c388f8049e72b327d9bfe
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48fd37f40863f2f32b4d74dc67a2738f3e054e06707b874891e811fbbda5f66b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51489103b165d141f38eb02e87cb836e3c0e1719fcb39625ab1aa8016099c0c0
534d9563e956bf6cac3198e4a65599db43c6117f2cf5efd7afd86b49a3e7327c
5967d24fcf2654a3d788c31a23ab9fa046f205868dc6e06f38de6d0dc5772e01
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5ee8f3df8f705593dc378318f2d68d53e1c3ed80f9ae8c7ea4c87eccb55dfa3b
5f9fc03eee3d731cd12ddaffd694c2853bb19e5e4d31a57849908799410a2fac
61551b609fdad1a27e6b939a4a88a499805731d605df82ec198467ed07fe85e8
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
6760fb41058d20ef62812d440f58075bd3f98b480dca10bea47d2a3e2ca2298d
6a786828acd09faff9e508f375899ea497a1c22a3dde8c2c79f27a15f38a1a3a
6e0ad36cadba072b731b4438d9c013ad3659d94390485f314b4a9a98d8a9037b
6fcd723f951dd92bb83291c86ee1a047bab7bfd133156bb13162cb8012bbf514
72c412b210de9247ec883755029c564b93f3a22f8f91f522063162cfa428aa87
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
773029e9d8fb2baf58e6c3031ad28da0a1b7695f26c72ea187c5c0bc4892d0ea
7962dc90f0f561962772adfa321219877a9529e139e525bd1234a5fb98c3cdb0
79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4
7d286733d64d71f49bc54e2ecdd464dbcc86dc964399698c9f6b3fffb96e88c6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fb6ea4e4e5a3fcd56032440272a3eb22516ebdc1e772aedc3035f2b6c7f6b88
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
836a32d58eb59ce390cfcb05a830664f254cfaec8452408a6fe468ce154c2f1d
8a9aeb58f35905d66e7eaea8b61896e221c1ca99d957ad7e060b77e8352ccf2c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
937f3d59a81e2a4ea2a2f70ad605e62465d54c8ecb39ae7decdeb2cb4f5973ec
97a449cbc62e283f23b095028dd6d47b66ebe35e8e68ed0ed4a20a89b517dfc7
9814a7c31f0e40a70f998de28fc8879322c52295ae9107a1c95f7d091bdf69a0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9deb4e273ead128f62747cd97126e0ea6e28d0441ac66bb70de2071b6e2ca79d
a1228e1621dbdf6ee9e93456433e986824d432d04fbcdb3ed2370a7ca7a9a878
a19c16200fd418a277a18eb823f8289458bfaebb8a8b16340c6bd7cca8cb94b9
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a73fecb64231e1e5185732c8600fdeaa8cf9cddf3e59501fdf908fbc3329b6d0
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9
abed00e3dd02509ec2ca038999352ed2603153c804846559d4e1eb78995ecf8f
ac2473b8b14ca61ae046d5dfbbc27cd9ed570ebf53b32e82257d5973cf552d6e
b0ee2f6699cdb043d49460eb8e0b055b00f7326671957f30e01e53d20d74cdda
b0fdf2c5c9e8a127ac751ec6b08ec02d49562f1a82761886a5c7740b95126002
b2601712adcbc521edc93cb124cd334eb6426b56e1604b110ce01e0aa52f612b
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
ba1ad8dc1b15631ff39e3611c1dfdc00ba2f6e6e76e69d2eb43ad0ff87077422
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4aaef3da7f0a7321b81cd3f7b854f4de70e5b589ca7a8e22f842acd35835a8
bbf553318569e07de3ec3fd91d7d95fe84db133ff184652619acac97eefad236
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0cfe0e4dd888db715508c496430992827c21e9faccf5de2bc4bfcc6a0bc545e
c0d19353c945d66184d063ccb4c33fa2e2014c35b8a7a8a56416e34531f90e92
c117ba569159a2a2daeb0c8fb94eed5d76e4780337bc87169f2d095175463b6d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c8e6aabcb4f149060381cfcda01a4a6799da2167d83545605678b5e83e9c7ed5
cdd12b3a4781926de8450e5f2d50f235b5ccc6bcdd4e37cf99e764b33bcaa6ac
d630237ac601bdc1331ebefe560180a1d02172ac96326f955d6bb27b990d5d89
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db636a80688df443d34f247e0b5045c4676d4b5b1095c2a497c3d7399df6730e
e030dc9c696efb237ce86789956f52d51730e5deb5c20285bca9612dbdc8bc8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e5f0b3f710a85df43f3fdf4aaf5ea448765d1b21b53bc945de7873a1a1d9e9d2
ecd8d035674cd0386fd015de8ec5d38ddc49cbbde9e6d61a2cf6f7a78a88eafc
ef525178ece08d5e66a0642211affe2abf01aebdf0289163fbc0bcd34e06456c
f07e8fdac46769a0b6346efb750010588b413ca31b1161549de9cb94864bf499
f0804ed670f8eb8956cf167da830b8413d728f8d0d8131a5c8c7f631f4b6d869
f7d8e023420d4971557afdfbd1bde90b26d7488907c3d8993564e320ba2b2b9a
fd23de031552a01a4a69b8c051f986b5368d714185cf8b02f352dd8e3f2561df