urlscan.io logo urlscan.io
SecurityTrails logo

notes.io Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://notes.io/qRW7P
Submission: On September 25 via manual from GB — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 89 HTTP transactions. The main IP is 188.114.97.3, located in Italy and belongs to CLOUDFLARENET, US. The main domain is notes.io.
TLS certificate: Issued by GTS CA 1P5 on September 21st 2023. Valid for: 3 months.
This is the only time notes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 188.114.97.3 13335 (CLOUDFLAR...)
8 142.250.185.162 15169 (GOOGLE)
1 142.250.185.232 15169 (GOOGLE)
1 104.16.57.101 13335 (CLOUDFLAR...)
9 142.250.185.226 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
1 173.194.76.155 15169 (GOOGLE)
1 142.250.74.195 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
3 37.157.4.29 198622 (ADFORM)
7 142.250.186.65 15169 (GOOGLE)
2 172.217.16.194 15169 (GOOGLE)
2 37.157.5.73 198622 (ADFORM)
1 178.250.7.4 44788 (ASN-CRITE...)
1 94.130.16.67 24940 (HETZNER-AS)
4 6 84.200.5.215 44066 (DE-FIRSTC...)
1 138.201.13.253 24940 (HETZNER-AS)
7 178.250.7.2 44788 (ASN-CRITE...)
1 178.250.7.9 44788 (ASN-CRITE...)
2 178.250.7.17 44788 (ASN-CRITE...)
1 178.250.1.10 44788 (ASN-CRITE...)
1 142.250.186.132 15169 (GOOGLE)
89 23
35    188.114.97.3 (Italy)

ASN13335 (CLOUDFLARENET, US)
notes.io
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
1    104.16.57.101 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
9    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
1    216.239.32.36 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
www.google.ch
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
partner.googleadservices.com
3    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
7    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
tpc.googlesyndication.com
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
www.googletagservices.com
2    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    178.250.7.4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    94.130.16.67 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: veramedia1.timmeserver.de
assets.bly.ch
6    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
dash.ct0.ch
inter.ch.kuhnrikon.com
cct.shop.post.ch
1    138.201.13.253 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: app.adtracker.ch
www.adtracker.ch
7    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    178.250.7.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    178.250.1.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
35 notes.io
notes.io
216 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
289 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
45 KB
9 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
csm.eu.criteo.net — Cisco Umbrella Rank: 7577
80 KB
5 adform.net
track.adform.net — Cisco Umbrella Rank: 3716
s1.adform.net — Cisco Umbrella Rank: 7684
38 KB
4 ct0.ch
dash.ct0.ch
830 B
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 7499
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 8966
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13805
20 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
114 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225
www.google.com — Cisco Umbrella Rank: 11
1 KB
1 post.ch
cct.shop.post.ch
502 B
1 kuhnrikon.com
inter.ch.kuhnrikon.com
484 B
1 adtracker.ch
www.adtracker.ch
93 KB
1 bly.ch
assets.bly.ch
289 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
600 B
1 google.ch
www.google.ch — Cisco Umbrella Rank: 18208
408 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1476
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
79 KB
89 17
Domain Requested by
35 notes.io notes.io
static.cloudflareinsights.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 pagead2.googlesyndication.com notes.io
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 static.criteo.net ads.eu.criteo.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
notes.io
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 dash.ct0.ch 2 redirects googleads.g.doubleclick.net
assets.bly.ch
3 track.adform.net googleads.g.doubleclick.net
s1.adform.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 s1.adform.net track.adform.net
s1.adform.net
2 www.googletagservices.com googleads.g.doubleclick.net
notes.io
1 www.google.com tpc.googlesyndication.com
1 rtb.nl3.eu.criteo.com
1 cat.fr3.eu.criteo.com ads.eu.criteo.com
1 cct.shop.post.ch 1 redirects
1 inter.ch.kuhnrikon.com 1 redirects
1 www.adtracker.ch googleads.g.doubleclick.net
1 assets.bly.ch s1.adform.net
1 ads.eu.criteo.com notes.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.ch notes.io
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.cloudflareinsights.com notes.io
1 www.googletagmanager.com notes.io
89 24

This site contains links to these domains. Also see Links.

Domain
tik.la
quickreplies.app
www.metromedya.com
Subject Issuer Validity Valid
notes.io
GTS CA 1P5		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.google.ch
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
assets.bly.ch
R3		 2023-08-05 -
2023-11-03		 3 months crt.sh
dash.ct0.ch
R3		 2023-08-12 -
2023-11-10		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://notes.io/qRW7P
Frame ID: A383F7980013C4CD71AEC489BFA2C8F0
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: E1E48B10202439BE7817A0F239DC9CB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1695602305&rafmt=11&format=1200x200&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505100&bpp=5&bdt=611&idt=273&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=7478562174352&frm=20&pv=2&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6aWHl56BjF&p=https%3A//notes.io&dtd=291
Frame ID: B820A6E8CD434978B2E35E4E6EBB3AB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Frame ID: 0D435899D238761AC9C52DD23013A467
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1695602305&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fnotes.io%2FqRW7P&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505313&bpp=2&bdt=824&idt=91&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=102
Frame ID: B1B928DA6ADC8236B517359449E5B366
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3767030899&pi=t.aa~a.179182922~i.20~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695602306&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2FqRW7P&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609506168&bpp=2&bdt=1679&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb1e97a5d2261a6a-22c89b7193de0006%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MaJ4GJF79HRUUXvmaNtWKWal19m5A&gpic=UID%3D00000c83515c461a%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MYPhvZIRMVNRKG04SsXG0_81ah8uw&prev_fmts=1200x200%2C728x90%2C0x0&nras=2&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kqZ2t46qm3&p=https%3A//notes.io&dtd=6
Frame ID: 78B93FADAA0DDF20E234DF1E585B975C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=2234306316&pi=t.aa~a.179182922~i.24~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695602306&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2FqRW7P&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609506168&bpp=1&bdt=1679&idt=0&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb1e97a5d2261a6a-22c89b7193de0006%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MaJ4GJF79HRUUXvmaNtWKWal19m5A&gpic=UID%3D00000c83515c461a%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MYPhvZIRMVNRKG04SsXG0_81ah8uw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZenOGLTlqm&p=https%3A//notes.io&dtd=10
Frame ID: 5D4366087DBC5A89D71A3E1724F557ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 14DBEEAFECD6E3BC7987FD36BEC56943
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Frame ID: 535168A7A49832B385F01ED56567FB7F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js
Frame ID: B0A3416ECC43C4C06B8BFDFAE009D587
Requests: 7 HTTP requests in this frame

Frame: https://dash.ct0.ch/images/spacer.gif?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2023092504382632681474313X116404V2439174827F
Frame ID: 0DFA23CCAF54C5DC9D95054250C88F4B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 361E5B49C26DD7789973926752344597
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA55A292CE481FA8370F9977ECDA20F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Notes - Are You A Person That Is in

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

98 %
HTTPS

0 %
IPv6

17
Domains

24
Subdomains

23
IPs

5
Countries

984 kB
Transfer

2131 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://dash.ct0.ch/tb.php?t=116404V2451174915B&subid=pv10522290 HTTP 302
  • https://www.adtracker.ch/upload/KuhnRikon/Banner2014/FR/JPG/KUH_Ad_728x90_GDM_fr_28052014.jpg
Request Chain 62
  • https://dash.ct0.ch/tpv.php?t=116404V2451174915B&subid=pv10522290&rnd=19281 HTTP 302
  • https://inter.ch.kuhnrikon.com/tpv.php?t=116404V2451174915B&subid=pv10522290&rnd=19281&sdtr=1 HTTP 302
  • https://dash.ct0.ch/images/spacer.gif?lea_source=2023092504382732681474315X116404V2451174915BSpv10522290
Request Chain 64
  • https://cct.shop.post.ch/tpv.php?t=116404V2439174827F HTTP 302
  • https://dash.ct0.ch/images/spacer.gif?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2023092504382632681474313X116404V2439174827F

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qRW7P
notes.io/ 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a48cef259e19dc934a2dbf42aa4ce0fcd2544b890abfee064c1ebc922a3f28e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80bfe4086a6eb0dc-ATL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 25 Sep 2023 02:38:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xc5WGtQhhSjqVS%2FLmP8OCKzcqNWgwpWZvr5Yarsh%2B%2BqRJB18peBY1JrBItF0bfl%2Bf9DthpcZa9TYHhVJRT48xdlbKCmypSvu0eNBksU1%2F94cJBdpw3RvGE1YXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
notes.min.css
notes.io/theme/styles/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notes.io/theme/styles/notes.min.css
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f57cfe8a95a48688f2f43be56518d6349c0b713e2e2e00df65dfff4253592002

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16262713
etag
W/"62252c0a-3587"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kepSZRN140f4w99DsnQqFUzC4HhUl2SAr5ExDWnsuuYJDJooBwhajOMbm6Y4xJR1PdX0KLrlKEGj1wvvxYr%2B3VHWwobGEr3sVsmiesLyZkf4AOlo8BPNQeME2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, public, no-transform
cf-ray
80bfe40b6eb6b0dc-ATL
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Mar 2024 21:13:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
382bf7b8f9a0f686cae1be6a882f3d588a1dc35d839c0aff0c3c6d9cd365a893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50619
x-xss-protection
0
server
cafe
etag
13890643579124749207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 02:38:24 GMT
whatisnotesio.png
notes.io/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/whatisnotesio.png
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd3c5938f018a95deb7c9d078d2fa48209f78516d0c5d1cf40bcad47ba2fb9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16261712
alt-svc
h3=":443"; ma=86400
content-length
1625
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-659"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjwkwMVGDnPFWd3NtMqvS%2FVhUAYvoI%2FJcbdygITYJXM6VxKY%2FGCpbpb2zKE%2F0OCBYuSYc02ckTGB95YeRSoGM%2FCDWF0mav5wiK7He91aO49aT8tskmf6Mksa6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40c4824b0dc-ATL
expires
Tue, 19 Mar 2024 21:29:52 GMT
logo.png
notes.io/theme/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/logo.png
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7935c3f61f35b3859886408bc60fee0849a674b7cf18a836b23e89db7f2c4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1477945
alt-svc
h3=":443"; ma=86400
content-length
3336
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-d08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWdv53GQYmp10M%2FzLMH1CW7VnuTpG%2FzVS5%2FTSMVdbUPX8OFGnIrRFNZqGY7m2AZkAtk8%2FBlMxuW71piSRmj4xlbovO2FlnmW%2BKVijR2hYvhDNP3UDzKgryynoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40c4828b0dc-ATL
expires
Sat, 07 Sep 2024 00:05:59 GMT
fastEasyShort.png
notes.io/theme/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/fastEasyShort.png
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d388d9c7ac8c0d5e4d6210314e98f5e888456e9ac87614b160c6d9098f07f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
1052
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-41c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOG%2FrJDdP5HSiV9TpVcoulWcPsVrb6kupZDBZlIV18IdVzD%2Bu1h%2BrvPHUDyvtgsb89Howh%2BvUTB6AVZsZPPBSDcuhEBNwCASXEJ1r1u76tSJpeXv5IRrjwuNgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40c4829b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
ajax-loader.gif
notes.io/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/ajax-loader.gif
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
1785
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-6f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4j5FNhINJSfBv5rXD7KRHs2HsGiPFSPS2PG82zw%2BQgWehur8GZUCjFmZLUHVZqMhnvicP1cHleBEmr3y%2BEIYd09YWnjOejhvhpkU2eUYGelkd7%2BAJYhRRvlzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40c482bb0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
repost.jpg
notes.io/theme/banners/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/banners/repost.jpg
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1a0d90b4cfb1d98abf3ecc7b4a372b8285f1a9d905d6587f5f14a16f67a1ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1756288
alt-svc
h3=":443"; ma=86400
content-length
43481
last-modified
Mon, 04 Sep 2023 18:22:52 GMT
server
cloudflare
etag
"64f6207c-a9d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NP%2F4zmhwUWkxhUQQWHj8%2FiT5b3J3Bixi4uIQdcpfBDmPhuWxSrjJoFBktDDKu046xnwhgtbBne9QthuJ9zweygvGas21bCLE%2BahehivfMahgRPdwCW5Wdt89sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40c482cb0dc-ATL
expires
Tue, 03 Sep 2024 18:46:56 GMT
email-decode.min.js
notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Sep 2023 08:17:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"650aaa83-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9Ez7ZPow9QeCRzwBWvwPVNyFppzNVx%2BpubdrBEOwJ48hgMoPDovM%2FnvJ1sfJ5QJyM2f28Ims1Vk56vcph%2Fp7B2%2FCcxxxiEyP43uPVTElRSNr61H8%2FhG9kGzLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
80bfe40c481eb0dc-ATL
expires
Wed, 27 Sep 2023 02:38:24 GMT
jquery.min.js
notes.io/theme/scripts/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notes.io/theme/scripts/jquery.min.js
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16262713
etag
W/"62252c0a-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIhsXm0KCiIz%2FMg%2Fa2%2BTC5HT5MDhdjEmhwQ%2BAxtDLzBmu35GcSz6FRyt0MyHUi4boPI7Jjb1EqOJxJDizokkMwC4S2tK3TCI5z5UBiphcBnjVSBT%2FUU9md2%2BDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform
cf-ray
80bfe40c4820b0dc-ATL
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Mar 2024 21:13:11 GMT
notes.min.js
notes.io/theme/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notes.io/theme/scripts/notes.min.js
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ee2889a6667a9109444c3049d12b00e4d415039b49e07dfec29c91a2911a8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/qRW7P
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16260146
etag
W/"62252c0a-1799"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3X1PgWr7p43WlV7fzgLiiG6%2FH8IJslR258fp%2BMyEipFf767MntpCrBiFdmyyft8iZ27DWaaHHIWXVZVHamntp2MxpbSBs5OSAXFs%2FoPF5eMX%2BVaI3jrva1He0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000, public, no-transform
cf-ray
80bfe40c4822b0dc-ATL
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Mar 2024 21:55:58 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H0XVNMGVTV
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4aa9a139f3c1f97a8b564f4165ba8c33e5f6b55a0c1f2646ef57c7bc0e87e26c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80765
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Sep 2023 02:38:24 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://notes.io/
Origin
https://notes.io
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
80bfe40d6c1f0221-ZRH
background.jpg
notes.io/theme/images/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/background.jpg
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11828255
alt-svc
h3=":443"; ma=86400
content-length
98299
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-17ffb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBEgOeHvYbzVXWhaIRhdxoD5GRw6pnRgHPtNkqsZTt%2F%2BxhaGGBqCwL2KqAejf16Oeg3wkPkzbYpB6trYZd%2BlqhvarjW%2FTiTCGsJQ554YWTnSwO6unutblrbxTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce8f4b0dc-ATL
expires
Fri, 10 May 2024 05:00:49 GMT
barsol.png
notes.io/theme/images/ 		256 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/barsol.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbe61c8a75836204c74b660cc354dc661afcd19863640940795a901d606bd4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
256
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gv0eeJuCEpDh6rHojxcUTNlfqjgHiEr5LAE2wEYBWEijcrzvpG7fBlUL7n568UzysYGh2S2YSDlSVagn9vfUdN2PVgRAX8GqXiR3vGIMbr8lKNp4NwF4mER%2B%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce8f6b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
barback.png
notes.io/theme/images/ 		133 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/barback.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
133
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBW%2BNlsJdjKh7%2B0mzNEdg1YFk2RdCL%2BxnxZkU5QTjlaBX1Sy6nGqtaMCSjw8Il0PTixUWaYcVKuo0dEMQT4jPe%2F99MftsJqfzTEZ3SbzIfh%2FhiqyZqWUzIpdaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce8f8b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
random2.png
notes.io/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/random2.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
854a5cc12540c33c5d748da0b9bce95a25c72f9ef7fc4f92bbca033f8df835cc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
1986
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-7c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsrfHOCHlrRpg3YnN3vtC058sV34qYn8Nhg0ukrubqFaAN4EN0UawHoukF2LdThatO6XwGEStXqzQRw7uD3vgkUWqxF%2F%2B0fpNI9zCEnwrqbUYwvMJmaVgEYFnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce8fbb0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
share.png
notes.io/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/share.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e676afbd0ddf8afafc01c7bf13e9ddeee39e6b662ae259f8266090cb785b927e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
1664
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln8gJTxWeNhYs6fAzGCW7sUNOV1xIalAlAgeoURcBdWlufJs7tn7rg94EU8mU1inQ3Cf4BI3CVlsQVIhYrjPBwLivLu8zhBlYXuG8%2BCUEArNVOKTxJMnEOm07w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce8fcb0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
comingsoon.png
notes.io/theme/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/comingsoon.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e7213bd1de2e07001870ec2470a3347053cd9066ee982022fb597ac5e6001e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
3344
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-d10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WRzeDAfZhARWt%2FuP%2BmOByRYfzQY2fD75xhiL4sRT8QDvAy7BKbvpVKFUn%2FdWyEEhOPCVzefdHD1qvAhAVhBac12I9yO0IO936at2Biv54NGAruNEdyoA15D7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce8ffb0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
account.png
notes.io/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/account.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf40f3d3dcd31f19de9a2b7da30d13d736eec2900d093fb4d6aa8eda2c2abd40

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
1726
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-6be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmjTyIMdztoI05GJ535SOXmJiq7RgHlyuOgdG6Bky4xzfzDqW5N10WBesqYnw8B8lk%2Fq%2FX%2F0%2BWB9WTBWu8EwBIrUEnTdT56li%2BluGOhZ4TnTRXONANO1Rn4I9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce901b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
myNotes.png
notes.io/theme/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/myNotes.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbcb3ac2b54766a4469f7cbaddab896205e86532bdb730e07ae2d21e2ed35cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
2080
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-820"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5KiC1lRIZ23sDT7QpkKbUCcabN8onE9YNdLoIlZtHkC2Sc7kgvSOGbs9EgA8r%2BknQWiu1T97DaSiq9gBDrFmLGr%2FaKzUpPHLZne0%2B%2B%2FhPJuTupVlzuwEre1vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce903b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
barsag.png
notes.io/theme/images/ 		281 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/barsag.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
281
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-119"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDfD8mJLbaNZhXQ5QX1xaVzx6AgRuzhCIK1htW5R1Stgmtk3IwCYXTn7lI7DuyD1z6qgvs%2BP86DB3kAC4EW3fQBqslcpZ7rAePg8tHbpc5hPNaMS80eWvCybEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce905b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
notespageback.png
notes.io/theme/images/ 		94 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/notespageback.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
94
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgDNDAtjwMHPiqL6meUXMdKGnhFsjSfs3a4m8%2FcSj6twC5KqAetqWkQ1Q9dos5CIIDp5xTTXSsHB8aaFsKhc7EWwqVbO9AvOmClgguYp02BUo4izmrzYT2HyRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce907b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
notesline.png
notes.io/theme/images/ 		89 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/notesline.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff68407b71ff03c432cca13da1e5296a765d3e91d2c3f18f356e4be99bebf1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
89
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSvMoV847iB5KZOJAF57Ya2ow5g7MfOABlBQzYRZHkUyztRcWhHZi7J02EK4%2BqzKclfjyBKim2ATgfNHZrb4Cqcs9vU9diITphvDaDL3JxOwGqnHskIB1kJOxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40ce909b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
notespagebottom1.png
notes.io/theme/images/ 		233 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/notespagebottom1.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011a1aebdf086c6cf9c92c114f9227ff687d51306256031e2029371d0ee4d97c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
233
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCQsaY3Q28994Os13ehP661aWKFVAjQSUWm%2BAjXhQ%2F0KlZX300BRggvxGUB6eQnFnUGZhpugHrOjybi%2FPWDUpo0RrlX5lsw2pkBZqMCQiudPmU%2B0YMtKx1q8Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40d397ab0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
notespagebottom2.png
notes.io/theme/images/ 		91 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/notespagebottom2.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260145
alt-svc
h3=":443"; ma=86400
content-length
91
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgJQkEP1Csepmt4lmEImNIGJLjIzOK0zNUDgj4yIJ%2FgBZFDZjtfHnzx3WrKpKv%2FQWUuNTujpU%2FKJ20O3VtvKFuA0pYcfjOY1C%2Ft%2F5R0W%2FUeshLG6pDuspe2gLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40d397bb0dc-ATL
expires
Tue, 19 Mar 2024 21:55:58 GMT
notespagebottom3.png
notes.io/theme/images/ 		198 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/notespagebottom3.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71409f8b486cef6225f67eddcbd21f2731ac72ccc82d3889e71a1cd53f43e09c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
375886
alt-svc
h3=":443"; ma=86400
content-length
198
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPnkfdkQXJCI%2Bk%2FXz%2FB7ri2qCKlb1UuE%2BHTadABrfTgQ2XYYh5Jv5iu2msEyT8v28TH%2FzkWPZCYW6s%2Fqz9n%2FGgY0%2B%2Ff4VBoDIvMn2pb1vQK%2BgBPp2f4hr5wTCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe40d397cb0dc-ATL
expires
Thu, 19 Sep 2024 18:13:38 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2e3d6d62127384bc1c8b79f750a5dc37ea915c6e3a7c08fda86e2a9b855768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131538
x-xss-protection
0
server
cafe
etag
3947059141895201429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 02:38:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame E1E4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
47293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Sep 2023 13:30:12 GMT
etag
2603938475786422795
expires
Sun, 08 Oct 2023 13:30:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1.png
notes.io/theme/images/messagebox/ 		208 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/1.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6bc396d110fdd03709c3abdff243d74ce8047aeb20b19869ec8582d0fa0c4f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
984779
alt-svc
h3=":443"; ma=86400
content-length
208
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfRoS0Fc4%2Frgy8byMKJd0mdExzbkcCXB2rVAfAGbNXP8rybqX0VX8kfPJBH5T2TP0YDy4NyIZ27r0W%2FQNm1HG%2FcIEYibckGwNOaYsywdO19GH78H%2BcPmJBmlTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe4109d7fb0dc-ATL
expires
Thu, 12 Sep 2024 17:05:25 GMT
2.png
notes.io/theme/images/messagebox/ 		84 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/2.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14794476
alt-svc
h3=":443"; ma=86400
content-length
84
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N89THycc1ZYTSCmP2Fb2w9Mr7xAqBCoH4DJHhh7C6CZt%2B0k5Se5OWt6d7I%2B9yyvdo%2BNFHkgaAbV2N4j8vjyQADdosrMOEqRdHXD9sxjp2ynyPaqauAx0ogFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bda0b0dc-ATL
expires
Fri, 05 Apr 2024 21:03:49 GMT
closeBTN.png
notes.io/theme/images/messagebox/ 		662 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/closeBTN.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ab241fbbf7c976659bcaa9cbb5c1367d899b47ce4dcd25a58e633dfef1ea7e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
662
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4qcJkgX9t30nZjWCokvOz5imvHvKc8RjLWmPHqJDdNM5zx%2B5o76D9MKSpvGumObTTwNTZTa%2F9hgIfCORvMaKO3TQGgssNphMwPzDgwyfMhX97QIOS9vJAz7Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bda2b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:59 GMT
3.png
notes.io/theme/images/messagebox/ 		216 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/3.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
216
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyvA%2Bx3Mf3XOsZY4f6ZJ5MKWJg%2FkcxBlaq15KnsnZFdEYUgLjatkz3cxfKKV0x3CNyY8En7H%2Fldsujpwn%2F8w1rNv5LLV8jJ5LIo7GUEGqixmKLVf%2FsbrLe9niQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bda4b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:59 GMT
4.png
notes.io/theme/images/messagebox/ 		80 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/4.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
80
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS1cpxg6r0yr5Gs%2FIn5vu07KzqPkIjiLybW%2BJO%2Bm0lDNnMxG4x0uh1J3kndT%2BDLGQHMkU0YVkiE0cqOIuskD6s6tz9nxAEocH72FiaF3dSP9yZtMFrnBWDbXgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bda5b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:59 GMT
5.png
notes.io/theme/images/messagebox/ 		81 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/5.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
81
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCWmtdtLg5ZX6DhnUmRlKTuLNuDggwGoZCD48j0BNrufVhzHg2TLbQuUWtIq0p26CPXfeJ3HGoWMwLe4MOhzrIjOgFB3GM%2Fvw5poYPoBIOuoyjGDp4MXrFB7xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bda8b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:59 GMT
6.png
notes.io/theme/images/messagebox/ 		190 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/6.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
190
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gYXX4HIUq4oGID8%2F%2FV7mRA%2BpBO95ErRd07QbPGuC6Dahs3%2Bvwhs2nkqYui4vOqcE0LhqwCjqXQj%2FmfpPB2asG93n4Al4cnkcmJVyLvcG81M%2Fq%2FK5nUEWPpn4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bda9b0dc-ATL
expires
Tue, 19 Mar 2024 21:55:59 GMT
7.png
notes.io/theme/images/messagebox/ 		84 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/7.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
804139
alt-svc
h3=":443"; ma=86400
content-length
84
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiALtBgUzgCHpMmv0KOGGg0L0ufxKNs8MFNeVSWEX37LeI%2FyMvzhESKA%2Bhd1MdapFjwz%2BlTFe3NJbGh%2B3PoCsL62BGpcfg0pZTe%2FyiFuKgPnKO%2FaHoGn9Jky4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bdadb0dc-ATL
expires
Sat, 14 Sep 2024 19:16:06 GMT
8.png
notes.io/theme/images/messagebox/ 		195 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/messagebox/8.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16260146
alt-svc
h3=":443"; ma=86400
content-length
195
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xd23ObOIDmCUxoBpJOhOy5ha2wHNIHhsoVOmEWrFknnbHhyPCxCC7fcfG6QcPLd6zOClqrahrqjH4qqr5QnxqbrRDhnlXeiAkt68KlqHDhysylXI1RFz3NDUiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bdaeb0dc-ATL
expires
Tue, 19 Mar 2024 21:55:59 GMT
closeBtn.png
notes.io/theme/images/ 		644 B
977 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notes.io/theme/images/closeBtn.png
Requested by
Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cd13946687442925b2383aeb0273086a585e5d3bc3733de296ca83528d34aa1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/theme/styles/notes.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4085194
alt-svc
h3=":443"; ma=86400
content-length
644
last-modified
Sun, 06 Mar 2022 21:47:54 GMT
server
cloudflare
etag
"62252c0a-284"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL10hTiEGWemYt3Ai83uGpShCIpQ4zhvs0A%2BznWoWMERJ0JXCFMvmbgCoHuMbRTIBitqYg7EozSIhXiEHLGG4a4gbgwj4DxLm6KS6UFE2QD7sRwG8r1BRAxBVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
cf-ray
80bfe410bdafb0dc-ATL
expires
Wed, 07 Aug 2024 19:51:51 GMT
collect
region1.analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H0XVNMGVTV&gtm=45je39k2&_p=1267263139&_gaz=1&cid=1671426387.1695609505&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695609505&sct=1&seg=0&dl=https%3A%2F%2Fnotes.io%2FqRW7P&dt=Notes%20-%20Are%20You%20A%20Person%20That%20Is%20in&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H0XVNMGVTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notes.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H0XVNMGVTV&cid=1671426387.1695609505&gtm=45je39k2&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H0XVNMGVTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notes.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H0XVNMGVTV&cid=1671426387.1695609505&gtm=45je39k2&aip=1&z=1241640644
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		383 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=notes.io&callback=_gfp_s_&client=ca-pub-4070502493653474
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
3455ffe2314f116620d28b7f333df276112d895421bc80a117361f3007c79ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B820 		436 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1695602305&rafmt=11&format=1200x200&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505100&bpp=5&bdt=611&idt=273&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&correlator=7478562174352&frm=20&pv=2&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6aWHl56BjF&p=https%3A//notes.io&dtd=291
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c9fc0f3c3f11b6f21cbc598cbfb5ed8cd37358c4eee457acbe2886b8e449d0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 02:38:25 GMT
expires
Mon, 25 Sep 2023 02:38:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0D43 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f67174d2943244fae08bed4e6787e163eeffbd65a5125b29f33c54b27c0db981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13417
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 02:38:25 GMT
expires
Mon, 25 Sep 2023 02:38:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B1B9 		73 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1695602305&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fnotes.io%2FqRW7P&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505313&bpp=2&bdt=824&idt=91&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=102
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5adcaa9cafe32cc7d25b923fb3e5230b75a7be5c2f34797b1ffa5cecedab81cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
20801
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 02:38:26 GMT
expires
Mon, 25 Sep 2023 02:38:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 0D43 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=62944874;rtbwp=ZRDyoQAIQmsKewVZAAsIZhaqwKWHMkPBMrCB4w;rtbdata=vxky3uwkNcE0eCVM3Q1h1FeH-JQGPQxXtD-ApNFoMhwi5Kc9dku2CI1CZmiWiYQscTS7PbszNrd-9lC0zgAao3xmaqd42Ba9ZBgFcZOyfegYBziYqA7oyIACp8deHJ36IXQM4_dHtAwq8u6IUj_LaMwGP9opm2SpzIRmwgfUgQw522vNtB8Sk4CIxEzHzL-f0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CaPAoofIQZeuEIdmK7APmkKyQCM_ZtZNczPrvubQJwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAkpI81cYLYM-qAMByAMCqgTkAU_QZibD0tSvnEfo-nJD6inPHJr41YtvVxvpqIhdkkxe0Z25snPMGFtadnhKwlVyOjcP6PTCWXNLuIrBe2WseTLFaJc22tg-6XKAwd5WTFhuTZo9AmA-0-UkUfK1ur_-wDxi3q5bvfHPQ1sbYUn9dHGd_mH8NBET1lCZYkkTOfrpeTmXauVldmo70o5TDwOFOpGi9WlMiE_Ge_UkJMn2_ikwEwD2ujkJ3Rk9UUWvAFRP3VIeVwmea3TEgM7zb6wAqSN500PumCNfDvrUFd0KQiT6FRjxoCUwq-Fv4vTKbVOS4gCGbYAGtO_Vz8OF86h4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0UHETMUL4fn8jy2jJSYJOEb9oPmg&client=ca-pub-4070502493653474&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9ee0b01060addead4f3b89403193a9db4b1e7948f05be57a1367c868464f8e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1476
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 0D43 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 12:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Oct 2023 12:05:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 0D43 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 12:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Oct 2023 12:05:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D43 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 02:38:26 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 0D43 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=62944874;rtbwp=ZRDyoQAIQmsKewVZAAsIZhaqwKWHMkPBMrCB4w;rtbdata=vxky3uwkNcE0eCVM3Q1h1FeH-JQGPQxXtD-ApNFoMhwi5Kc9dku2CI1CZmiWiYQscTS7PbszNrd-9lC0zgAao3xmaqd42Ba9ZBgFcZOyfegYBziYqA7oyIACp8deHJ36IXQM4_dHtAwq8u6IUj_LaMwGP9opm2SpzIRmwgfUgQw522vNtB8Sk4CIxEzHzL-f0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CaPAoofIQZeuEIdmK7APmkKyQCM_ZtZNczPrvubQJwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAkpI81cYLYM-qAMByAMCqgTkAU_QZibD0tSvnEfo-nJD6inPHJr41YtvVxvpqIhdkkxe0Z25snPMGFtadnhKwlVyOjcP6PTCWXNLuIrBe2WseTLFaJc22tg-6XKAwd5WTFhuTZo9AmA-0-UkUfK1ur_-wDxi3q5bvfHPQ1sbYUn9dHGd_mH8NBET1lCZYkkTOfrpeTmXauVldmo70o5TDwOFOpGi9WlMiE_Ge_UkJMn2_ikwEwD2ujkJ3Rk9UUWvAFRP3VIeVwmea3TEgM7zb6wAqSN500PumCNfDvrUFd0KQiT6FRjxoCUwq-Fv4vTKbVOS4gCGbYAGtO_Vz8OF86h4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0UHETMUL4fn8jy2jJSYJOEb9oPmg&client=ca-pub-4070502493653474&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4379be5183ca1fab04176123c1006cf4aecd4bc7560782f2e15fcf210c019bb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53718
x-xss-protection
0
server
cafe
etag
9095958344829910689
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 02:38:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 78B9 		436 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3767030899&pi=t.aa~a.179182922~i.20~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695602306&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2FqRW7P&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609506168&bpp=2&bdt=1679&idt=-M&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb1e97a5d2261a6a-22c89b7193de0006%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MaJ4GJF79HRUUXvmaNtWKWal19m5A&gpic=UID%3D00000c83515c461a%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MYPhvZIRMVNRKG04SsXG0_81ah8uw&prev_fmts=1200x200%2C728x90%2C0x0&nras=2&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=kqZ2t46qm3&p=https%3A//notes.io&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ba3bf985a518064038848ef64cb3bcdf0120868d10e861d9231ac9734c08f821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 02:38:26 GMT
expires
Mon, 25 Sep 2023 02:38:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5D43 		436 B
511 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=2234306316&pi=t.aa~a.179182922~i.24~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1695602306&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2FqRW7P&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609506168&bpp=1&bdt=1679&idt=0&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb1e97a5d2261a6a-22c89b7193de0006%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MaJ4GJF79HRUUXvmaNtWKWal19m5A&gpic=UID%3D00000c83515c461a%3AT%3D1695609505%3ART%3D1695609505%3AS%3DALNI_MYPhvZIRMVNRKG04SsXG0_81ah8uw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ZenOGLTlqm&p=https%3A//notes.io&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d833f6f80bf8752e3030fc195f7745248ce1e18b245051313b68d6a6f8a28dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 02:38:26 GMT
expires
Mon, 25 Sep 2023 02:38:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 14DB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
51143
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Sep 2023 12:26:03 GMT
etag
2603938475786422795
expires
Sun, 08 Oct 2023 12:26:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5351 		50 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1750efe32545524d16dfb0ec0e7f27bf1e8f9b3f0e1223e4c09958b9d3897f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 02:38:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WSnRYSFuWSg7HfRBDnOZsF_YaB7bE1fhnEeF4Ph1wvftk8NVpGt6A-ErrqhlwXo1wo4Ivxi8_dBjnDP_5VopbBMLiFGyi4ODkQuZ7-fvWzf2ED7QfTLTVj4h3uczY6GpJW7D-TYbBgmJOtseWkHh35Bxydqb9ZvyJG4MwMU0bP4fQ9Kl9Y1wH_RDtehne6nFCq2Ip3WTV7XxVoimeJtL2k6teUIS0cLGw-zJ-Kxe-Ms2_GREjTefXbq2VXMgVhXLrh4BzQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2976722
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame B0A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 12:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Oct 2023 12:05:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame B0A3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 12:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
52406
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Oct 2023 12:05:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0A3 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: notes.io
URL: https://notes.io/qRW7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 02:38:26 GMT
/
track.adform.net/adfserve/ Frame 0D43 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=62944874;rtbwp=ZRDyoQAIQmsKewVZAAsIZhaqwKWHMkPBMrCB4w;rtbdata=vxky3uwkNcE0eCVM3Q1h1FeH-JQGPQxXtD-ApNFoMhwi5Kc9dku2CI1CZmiWiYQscTS7PbszNrd-9lC0zgAao3xmaqd42Ba9ZBgFcZOyfegYBziYqA7oyIACp8deHJ36IXQM4_dHtAwq8u6IUj_LaMwGP9opm2SpzIRmwgfUgQw522vNtB8Sk4CIxEzHzL-f0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CaPAoofIQZeuEIdmK7APmkKyQCM_ZtZNczPrvubQJwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAkpI81cYLYM-qAMByAMCqgTkAU_QZibD0tSvnEfo-nJD6inPHJr41YtvVxvpqIhdkkxe0Z25snPMGFtadnhKwlVyOjcP6PTCWXNLuIrBe2WseTLFaJc22tg-6XKAwd5WTFhuTZo9AmA-0-UkUfK1ur_-wDxi3q5bvfHPQ1sbYUn9dHGd_mH8NBET1lCZYkkTOfrpeTmXauVldmo70o5TDwOFOpGi9WlMiE_Ge_UkJMn2_ikwEwD2ujkJ3Rk9UUWvAFRP3VIeVwmea3TEgM7zb6wAqSN500PumCNfDvrUFd0KQiT6FRjxoCUwq-Fv4vTKbVOS4gCGbYAGtO_Vz8OF86h4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0UHETMUL4fn8jy2jJSYJOEb9oPmg&client=ca-pub-4070502493653474&adurl=;js=1;adfxid=1x;259;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fnotes.io
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7fa824848a15c37307853e4c65d6b1774d4de33b83fc0f4567193443ea0f78ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3076
expires
-1
/
track.adform.net/csimpr/ Frame 0D43 		35 B
600 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=62944874&csi=oSPKemGzceDGRsbFV8fC5JIdF0TlfhXd1wuH0yPSmTHrygPkIxxfkz24k9uGqvVSPTaark9VzJNNY5cKo-itxrQ8JIJob1sX0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
impression_tracker.php
assets.bly.ch/tool/php/ Frame 0D43 		247 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=57961980&campaign_id=2971292
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
veramedia1.timmeserver.de
Software
nginx /
Resource Hash
ee4e500b7f32e3206973ece465318edd8d521b9612c7b8be811d1f006780355b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bly-info
Opt Out under https://www.bly.ch/opt-out/
date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
KUH_Ad_728x90_GDM_fr_28052014.jpg
www.adtracker.ch/upload/KuhnRikon/Banner2014/FR/JPG/ Frame 0D43
Redirect Chain
  • https://dash.ct0.ch/tb.php?t=116404V2451174915B&subid=pv10522290
  • https://www.adtracker.ch/upload/KuhnRikon/Banner2014/FR/JPG/KUH_Ad_728x90_GDM_fr_28052014.jpg
93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adtracker.ch/upload/KuhnRikon/Banner2014/FR/JPG/KUH_Ad_728x90_GDM_fr_28052014.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Protocol
H2
Server
138.201.13.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
app.adtracker.ch
Software
nginx /
Resource Hash
6aea16ed3951e79753b35a167f7899eb824d34f0711cf33739da16b54d6848e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:26 GMT
last-modified
Tue, 22 Jun 2021 22:00:01 GMT
server
nginx
etag
"60d25d61-17279"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
94841
expires
Wed, 25 Oct 2023 02:38:26 GMT

Redirect headers

location
https://www.adtracker.ch/upload/KuhnRikon/Banner2014/FR/JPG/KUH_Ad_728x90_GDM_fr_28052014.jpg
date
Mon, 25 Sep 2023 02:38:26 GMT
x-content-type-options
nosniff
server
nginx
accept-ranges
bytes
x-xss-protection
1; mode=block
content-type
image/gif
spacer.gif
dash.ct0.ch/images/ Frame 0D43
Redirect Chain
  • https://dash.ct0.ch/tpv.php?t=116404V2451174915B&subid=pv10522290&rnd=19281
  • https://inter.ch.kuhnrikon.com/tpv.php?t=116404V2451174915B&subid=pv10522290&rnd=19281&sdtr=1
  • https://dash.ct0.ch/images/spacer.gif?lea_source=2023092504382732681474315X116404V2451174915BSpv10522290
43 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dash.ct0.ch/images/spacer.gif?lea_source=2023092504382732681474315X116404V2451174915BSpv10522290
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Protocol
H2
Server
84.200.5.215 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Nov 2018 09:35:57 GMT
server
nginx
etag
"5bf526fd-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
x-xss-protection
1; mode=block

Redirect headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:27 GMT
x-content-type-options
nosniff
server
nginx
content-type
text/html; charset=UTF-8
location
https://dash.ct0.ch/images/spacer.gif?lea_source=2023092504382732681474315X116404V2451174915BSpv10522290
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 0D43 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:26 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:05 GMT
spacer.gif
dash.ct0.ch/images/ Frame 0DFA
Redirect Chain
  • https://cct.shop.post.ch/tpv.php?t=116404V2439174827F
  • https://dash.ct0.ch/images/spacer.gif?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2023092504382632681474313X116404V2439174827F
43 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dash.ct0.ch/images/spacer.gif?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2023092504382632681474313X116404V2439174827F
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=57961980&campaign_id=2971292
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.200.5.215 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-length
43
content-type
image/gif
date
Mon, 25 Sep 2023 02:38:27 GMT
etag
"5bf526fd-2b"
last-modified
Wed, 21 Nov 2018 09:35:57 GMT
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 25 Sep 2023 02:38:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://dash.ct0.ch/images/spacer.gif?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2023092504382632681474313X116404V2439174827F
pragma
no-cache
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 0D43 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91d3239ad47ca0101a089b51ff7c39818a6c5dc9cb8513151245f9f4f3d72df1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5351 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 19 Sep 2024 02:38:27 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5351 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 19 Sep 2024 02:38:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5351 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 19 Sep 2024 02:38:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5351 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 19 Sep 2024 02:38:27 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 5351 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=aIiUCeB4GPp5eeWa86Eto_3re5_4YrJYYHp8nNj3QeRX8TjbtbOxKBzfepiYxZRvz1gbMLGGSoj_GKCPwgDN3rJHi3u35Ywv3EWX01jNtQW_S2_p-IBPYyDhcOg8aG8gTHhr5N2HCI3Sac1n_EzLi3T15jHmzw6lXlHlkRj7KG60ru5Iyc3IgHFOJQI-tbjQ_X7GmxWULcO8hsguM7A35NrNSo703leFM_7lYiruZBRDcF9S5eWJ2ZQu4LDXXX8X63q8J_7KbRMlpP4SKNB32cNjLDrvlh9ifF_ZCAz-1dNM4oT5rJZLwVhQ592_UFicZME-7_GKRgT3z-WWcmHOMo6pcLKVw7oCu6_DTp_wxBQF77DcxdKUjJ1wsafDwPX_7horYIUpCk4Or5BoZgQyrLFWHGDQEnuW7NGx08ItA82GP8Ibd5150fBAojhyqlafVS2XDw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2347368
expires
Mon, 26 Jul 1997 05:00:00 GMT
ad7ede8f9fed4690ad2e9f04c78fe533_image_ad_160x600.jpeg
static.criteo.net/design/dt/92327/4936818/ Frame 5351 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/92327/4936818/ad7ede8f9fed4690ad2e9f04c78fe533_image_ad_160x600.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f021144aeb4ca4c4f73895b81b1e6539c6b2e6e987158eec2406698b4943e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Sep 2023 06:30:10 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f184f2-1236e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
74606
expires
Thu, 19 Sep 2024 02:38:27 GMT
all
csm.eu.criteo.net/ Frame 5351 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WSnRYSFuWSg7HfRBDnOZsF_YaB7bE1fhnEeF4Ph1wvftk8NVpGt6A-ErrqhlwXo1wo4Ivxi8_dBjnDP_5VopbBMLiFGyi4ODkQuZ7-fvWzf2ED7QfTLTVj4h3uczY6GpJW7D-TYbBgmJOtseWkHh35Bxydqb9ZvyJG4MwMU0bP4fQ9Kl9Y1wH_RDtehne6nFCq2Ip3WTV7XxVoimeJtL2k6teUIS0cLGw-zJ-Kxe-Ms2_GREjTefXbq2VXMgVhXLrh4BzQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 25 Sep 2023 02:38:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5351 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 19 Sep 2024 02:38:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5351 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 19 Sep 2024 02:38:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0D43 		0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChwjoofIQZeuEIdmK7APmkKyQCM_ZtZNczPrvubQJwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAkpI81cYLYM-qAMByAMCqgThAU_QZibD0tSvnEfo-nJD6inPHJr41YtvVxvpqIhdkkxe0Z25snPMGFtadnhKwlVyOjcP6PTCWXNLuIrBe2WseTLFaJc22tg-6XKAwd5WTFhuTZo9AmA-0-UkUfK1ur_-wDxi3q5bvfHPQ1sbYUn9dHGd_mH8NBET1lCZYkkTOfrpeTmXauVldmo70o5TDwOFOpGi9WlMiE_Ge_UkJMn2_ikwEwD2ujkJ3Rk9UUWvAFRP3VIeVwmea3TEgM6xbY2SIc-yq50lk-C3Wj4UcckAiy7UDeEnUHH0YUxxzuxApIDqPIAGtO_Vz8OF86h4oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MDcwNTAyNDkzNjUzNDc0GAA&sigh=FiRmgbbo4Qk&uach_m=[UACH]&cid=CAQSGwBpAlJWQdITMXMGEb26mCksQih4ZKOl8nGa1RgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1695602305&format=728x90&url=https%3A%2F%2Fnotes.io%2FqRW7P&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695609505105&bpp=1&bdt=616&idt=294&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=7478562174352&frm=20&pv=1&ga_vid=1671426387.1695609505&ga_sid=1695609505&ga_hid=1267263139&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076838%2C31077701%2C42531706%2C44798321&oid=2&pvsid=2556140066144216&tmod=101447046&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KRUSh83pBk&p=https%3A//notes.io&dtd=297
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Sep 2023 02:38:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9d4f1ba8d479d78ec0d8e1ca5bd2e8940f6d69be96d54425d7988c1ba0fcb9e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12146
x-xss-protection
0
rum
notes.io/cdn-cgi/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notes.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://notes.io/qRW7P
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://notes.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
80bfe41d8e9eb0dc-ATL
truncated
/ Frame B0A3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d4936373a86c1be48153275999e9fe232c0d3fb5357ed57ee77188726e3045d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame B0A3 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cr7dcofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTaAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5yxMTrqEdA3XrKDiHuwK4PfM7R34WfsS4i6-jBOR8K0yx0a7MuP_UgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQwNzA1MDI0OTM2NTM0NzQYAA&sigh=xfORcBHMda0&uach_m=[UACH]&cid=CAQSGwBpAlJWarDqTM6hrkDnQ6uJL4Rnw0tdLee0rhgB&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Sep 2023 02:38:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame B0A3 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIv1F6KCMKAB2ASdg2ICAgAAANgXy94ZlmhUEKDyEGWePCI-EDOUGx_GAAASAAAKCkFRVURBUUVCQVE&wp=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:26 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
148920
server
Kestrel
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Sep 2023 02:38:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 361E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
27645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Sep 2023 18:57:42 GMT
expires
Mon, 23 Sep 2024 18:57:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DA55 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
d4181940c054b32e2865eff66e1b2d2fddd68237763dc52c8a5275c2326dbd3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jukQErSJlP7ZwEvXPxevOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jukQErSJlP7ZwEvXPxevOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 02:38:28 GMT
expires
Mon, 25 Sep 2023 02:38:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
pagead2.googlesyndication.com/bg/ Frame 361E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 21:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Sep 2024 21:48:58 GMT
generate_204
tpc.googlesyndication.com/ Frame 361E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oXJjJg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 02:38:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DA55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2556140066144216&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame B0A3 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTNfO0yJ3QaryTMXZeY2cyp-8PvJ1_GnJCEW5VoQYppAkgsNF6FXa-QwyhSTFTRC0_-izL-luuHpucS9F5YrSjSoaScJwLt2XcgSE&sig=Cg0ArKJSzMVNOFE_bGyMEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695609506358&rpt=140&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 02:38:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 5351 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WSnRYSFuWSg7HfRBDnOZsF_YaB7bE1fhnEeF4Ph1wvftk8NVpGt6A-ErrqhlwXo1wo4Ivxi8_dBjnDP_5VopbBMLiFGyi4ODkQuZ7-fvWzf2ED7QfTLTVj4h3uczY6GpJW7D-TYbBgmJOtseWkHh35Bxydqb9ZvyJG4MwMU0bP4fQ9Kl9Y1wH_RDtehne6nFCq2Ip3WTV7XxVoimeJtL2k6teUIS0cLGw-zJ-Kxe-Ms2_GREjTefXbq2VXMgVhXLrh4BzQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRDyoQAITHEDogg-AA1QInlocjKGEA8q_ZsHdQ&u=%7COVSA7AGAYZ46M1YW%2FzpD%2BNRSwclh25QhA6l0R1Ur6SM%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdqr7txT5h5pBFO8QuUxv-3SzL3P7oF5e4is0ojtsn2zHULyu-rEp_4eKUm0Vln25yFFKEBzby2_CSCwukQCb8P3iqF4ILNQtHg589wVRk11BLvSP9f2WjFgFX6M401Rfq9RDkvtScW3AcaXCrsRVV3VjAghzwx21LejdAbsqaEh2hBsqdC-moy2CbNaT62wJvSVInPvIZMzeUn5gNoG5LJhTVYZ3Sdu5v4M216_6Rzm-Mh7JeNknxUpqZOpNrLfLlk9P6dQWkTBAF4xLRHy8wP_Vit_xw0k76TGYNV2idRWyqCXQCIAjQEH2ElyS_aHgUgRvAgf6evLRsVD-DsrezXXUI8-atT4avJgumO5gq16Wwo7DVt0uijPyR0YN_NPXZnHRDHRO3wUipLS89C0c8hfZP_0UdWpqciV35jZoBlk-U_8639DQ9cO8JNnNzAnzpe9vwcRPShdigqSVUt8mGWS0hqzPRt5Euh-yYh0Mz6YRzHIiDSfltKURDC2BHBM_GYOhc2De1t0sBNGzOxpEszWXMaO1NF1SHYFe7voBnl4LhW6sXPJmPhtDfqg7_6NgEUkFDgkKORoLBNoTyfRphNHqe_t4Bu95Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvq3hofIQZfGYIb6QiM0PoqC16AbJntKxXNWdkfdwwI23ARABIABg9e2ygfwDggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmpAmExRh9x37E-qAMByAMCqgTdAU_QvUVw3k4hvxNzxs7ixsNMfmSmDuPLQIw27eZLq4HV3cgGcxkmOKgK6Ggbx8QXSK9UkC9_sVJJxUXLWKrGcIxP6__fu98Bneq-N3mVLR6lPYHQIoRsNRkCzCdFpouiGZQQfbKlL1JDgLMkVsvwC5p9QOSYLrn25UuVoNM9bmywdz-FzHnv4_1w4vY2z7qzemP2PAWEkV1PHDPR_zL8gFRs96gqK833_fgbfIqPT2p-G8f5y1ERjzOdkKXWjuigYY6Y1Fc1YHSgdOqgCRtrOUKOlFKdyTYGLN89diiWgAbL37_7l8yi9RegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3yy14nGwXjb-h43HKvt-80EvllSQ%26client%3Dca-pub-4070502493653474%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 25 Sep 2023 02:38:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2556140066144216&bg=!mpmlmdbNAAYrDsWMCw47ADQBe5WfOGifUYy7KZXlBmI7cBDPLcjcWtOnn8g6Udy9kbcB6yBC8-JyAnT4lXKn_QLPSIMTAgAAAEhSAAAAF2gBBwoAOaI0b_urroBbtNZ85en0_jCHkuobaBaaKx5iVrAbdMCgk9q7ksDm0V2gT6Yx1absuasDzuEnN6Y0VZkCv6KZ9twTnAUjoyq7gKJQxLMqJ_QX4f1SW9NqyLxcvfYpusim9Gxl2t59tdZaMCVypHRO7zbeXXHZx_XIssIbI_dylPkmUq6sL6Bybk03ZcFH5T7-PkHbBwtYfMlqKznjoA0zinDdLRqZVFsfGrI0h5lCLMZXCHskDtb00TA8UJgwQ7R606nyWpQ3ztbrZRT5MCFXWX5KuqF0dRCiskGpVivni0iPeA1Xv7e2vKa_oObP-R_D9PThWsVh12CTpUxWBd4y1IlSHccsbuxPbCgEm_zzxV_ABy2y2sADy20NdnS96dNb2AfqE33fjV_0g1gRdCXFcvQiSE3moRST9tBn6WMj0HifMiFnSqGIwrKTjxrCc9GdOCLxqn6ljiHd2e9stAMSIRKuWaSqM6ozlwHt0gaw04mSVsMdju_3JzyDPsR5O7Ldi8MghkvTLOZ_xeOi4Dm3ahZ4z9SC3Cvw6CuWUAaMw5L6pPayoHr5IJMdgy6OqPoPLmVXV556nX-84-gWgU0LZtK0w5RA7uNxtl2R6GIPLVWNjlQqxNRvN_eB23SL1KOZPFKDPee0VAqUVj3jO10mrNHBpbizLI9cSqodzIOyxAQe5eZdWUnRbXCHbZ9CUSjd6LdzEE9mTXtwLigtSHu3nx83W1f2zA5utdz8cprDJlsO62ZBj_fSmJk9RaDG7n4kpcFm9scO_aQql3DIjbBSfz8cEapLUPcZYB8WElj8aiQA-aiuE583vkvcY97B_JPdnC5f931KlRbXOb79XSEdgPmVBw3KEP4ueM8vTKT6dXsHWQnoj39fvsEn-HsOhh29jf5tYLMWD6iEYWsXuMLCJ3q39lAmM-7AQIfOxW6yo6nRtRza4qLlVmPUW53RLrZxwFPs6MHC6K63INMujn7z9BPRoAZWXcPwjT3nCTkuPB7_73SBn0SH1hqLTfU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://notes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| $ function| jQuery function| popUp function| copyToTextOutFunc function| copyToText function| setCookie function| getCookie function| checkCookie function| gtag object| dataLayer object| google_tag_manager object| __cfBeacon number| google_rum_task_id_counter object| jQuery112409124681964884471 object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
notes.io/ Name: PHPSESSID
Value: ksrfqfpl9r3t7enlvjste00slv
.notes.io/ Name: _ga_H0XVNMGVTV
Value: GS1.1.1695609505.1.0.1695609505.60.0.0
.notes.io/ Name: _ga
Value: GA1.1.1671426387.1695609505
.notes.io/ Name: __gads
Value: ID=fb1e97a5d2261a6a-22c89b7193de0006:T=1695609505:RT=1695609505:S=ALNI_MaJ4GJF79HRUUXvmaNtWKWal19m5A
.notes.io/ Name: __gpi
Value: UID=00000c83515c461a:T=1695609505:RT=1695609505:S=ALNI_MYPhvZIRMVNRKG04SsXG0_81ah8uw
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmZt7GF2d_koqJoRYlOYSLv8t1RJBiqvz2Z5mhF7i3zUIRcizkEhDMVGAhoxDM
.adform.net/ Name: uid
Value: 29644143329161935
.adform.net/ Name: TPC
Value: 1695609506453
cct.shop.post.ch/ Name: PHPSESSID
Value: 741dv66jjsaf7bf8ullu9buooo
.post.ch/ Name: ppv2439
Value: 2023092504382632681474313X116404V2439174827F
inter.ch.kuhnrikon.com/ Name: PHPSESSID
Value: lk87du0eeh74kskh35s5io4pga
.inter.ch.kuhnrikon.com/ Name: ppv2451
Value: 2023092504382732681474315X116404V2451174915BSpv10522290

1 Console Messages

Source Level URL
Text
other warning
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
assets.bly.ch
cat.fr3.eu.criteo.com
cct.shop.post.ch
csm.eu.criteo.net
dash.ct0.ch
googleads.g.doubleclick.net
inter.ch.kuhnrikon.com
notes.io
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
rtb.nl3.eu.criteo.com
s1.adform.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
www.adtracker.ch
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.16.57.101
138.201.13.253
142.250.185.162
142.250.185.226
142.250.185.232
142.250.186.132
142.250.186.65
142.250.74.195
172.217.16.194
172.217.18.2
173.194.76.155
178.250.1.10
178.250.7.17
178.250.7.2
178.250.7.4
178.250.7.9
188.114.97.3
216.239.32.36
37.157.4.29
37.157.5.73
84.200.5.215
94.130.16.67
011a1aebdf086c6cf9c92c114f9227ff687d51306256031e2029371d0ee4d97c
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b7935c3f61f35b3859886408bc60fee0849a674b7cf18a836b23e89db7f2c4d
0ff68407b71ff03c432cca13da1e5296a765d3e91d2c3f18f356e4be99bebf1c
1750efe32545524d16dfb0ec0e7f27bf1e8f9b3f0e1223e4c09958b9d3897f03
1a48cef259e19dc934a2dbf42aa4ce0fcd2544b890abfee064c1ebc922a3f28e
1d1a0d90b4cfb1d98abf3ecc7b4a372b8285f1a9d905d6587f5f14a16f67a1ba
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10
2f021144aeb4ca4c4f73895b81b1e6539c6b2e6e987158eec2406698b4943e24
2f6bc396d110fdd03709c3abdff243d74ce8047aeb20b19869ec8582d0fa0c4f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3455ffe2314f116620d28b7f333df276112d895421bc80a117361f3007c79ef5
382bf7b8f9a0f686cae1be6a882f3d588a1dc35d839c0aff0c3c6d9cd365a893
38d388d9c7ac8c0d5e4d6210314e98f5e888456e9ac87614b160c6d9098f07f1
42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e
4379be5183ca1fab04176123c1006cf4aecd4bc7560782f2e15fcf210c019bb0
46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003
4aa9a139f3c1f97a8b564f4165ba8c33e5f6b55a0c1f2646ef57c7bc0e87e26c
4d4936373a86c1be48153275999e9fe232c0d3fb5357ed57ee77188726e3045d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbcb3ac2b54766a4469f7cbaddab896205e86532bdb730e07ae2d21e2ed35cd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5adcaa9cafe32cc7d25b923fb3e5230b75a7be5c2f34797b1ffa5cecedab81cf
5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc
6aea16ed3951e79753b35a167f7899eb824d34f0711cf33739da16b54d6848e4
71409f8b486cef6225f67eddcbd21f2731ac72ccc82d3889e71a1cd53f43e09c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4
7cd13946687442925b2383aeb0273086a585e5d3bc3733de296ca83528d34aa1
7fa824848a15c37307853e4c65d6b1774d4de33b83fc0f4567193443ea0f78ca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854a5cc12540c33c5d748da0b9bce95a25c72f9ef7fc4f92bbca033f8df835cc
8d2e3d6d62127384bc1c8b79f750a5dc37ea915c6e3a7c08fda86e2a9b855768
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
91d3239ad47ca0101a089b51ff7c39818a6c5dc9cb8513151245f9f4f3d72df1
9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf
9d4f1ba8d479d78ec0d8e1ca5bd2e8940f6d69be96d54425d7988c1ba0fcb9e1
9ee0b01060addead4f3b89403193a9db4b1e7948f05be57a1367c868464f8e71
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e
a5ee2889a6667a9109444c3049d12b00e4d415039b49e07dfec29c91a2911a8d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01
afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
ba3bf985a518064038848ef64cb3bcdf0120868d10e861d9231ac9734c08f821
bf40f3d3dcd31f19de9a2b7da30d13d736eec2900d093fb4d6aa8eda2c2abd40
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c9fc0f3c3f11b6f21cbc598cbfb5ed8cd37358c4eee457acbe2886b8e449d0a0
cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe
d4181940c054b32e2865eff66e1b2d2fddd68237763dc52c8a5275c2326dbd3f
d6ab241fbbf7c976659bcaa9cbb5c1367d899b47ce4dcd25a58e633dfef1ea7e
d833f6f80bf8752e3030fc195f7745248ce1e18b245051313b68d6a6f8a28dbb
d9e7213bd1de2e07001870ec2470a3347053cd9066ee982022fb597ac5e6001e
db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a
dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e676afbd0ddf8afafc01c7bf13e9ddeee39e6b662ae259f8266090cb785b927e
ee4e500b7f32e3206973ece465318edd8d521b9612c7b8be811d1f006780355b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f57cfe8a95a48688f2f43be56518d6349c0b713e2e2e00df65dfff4253592002
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f67174d2943244fae08bed4e6787e163eeffbd65a5125b29f33c54b27c0db981
fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4
fbd3c5938f018a95deb7c9d078d2fa48209f78516d0c5d1cf40bcad47ba2fb9d
fcbe61c8a75836204c74b660cc354dc661afcd19863640940795a901d606bd4d