notes.io Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://notes.io/wt7uU
Submission: On December 24 via manual (December 24th 2023, 9:55:07 am UTC) from DE — Scanned from CH

Summary HTTP 149 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 18 domains to perform 149 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is notes.io. The Cisco Umbrella rank of the primary domain is 994042.
TLS certificate: Issued by GTS CA 1P5 on November 19th 2023. Valid for: 3 months.

This is the only time notes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
11	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.227.153.222 213.227.153.222	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
14	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	44.193.136.11 44.193.136.11	14618 (AMAZON-AES) (AMAZON-AES)
2 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	98.98.134.245 98.98.134.245	21859 (ZEN-ECN) (ZEN-ECN)
1	41.63.96.2 41.63.96.2	22822 (LLNW) (LLNW)
1	18.66.248.112 18.66.248.112	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b01:3851:4f93:66e2:747e	16509 (AMAZON-02) (AMAZON-02)
3	3.95.91.14 3.95.91.14	14618 (AMAZON-AES) (AMAZON-AES)
149	32

35 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

notes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.136.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-136-11.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.245 (United States)

ASN21859 (ZEN-ECN, US)

wins-eu.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 41.63.96.2 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-2.hhn.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-112.dus51.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b01:3851:4f93:66e2:747e (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.95.91.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-91-14.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	173 KB
35	notes.io notes.io — Cisco Umbrella Rank: 994042	220 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	308 KB
17	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	125 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	63 KB
7	adrta.com q.adrta.com — Cisco Umbrella Rank: 3100 pix.adrta.com — Cisco Umbrella Rank: 3864 ipv6.adrta.com — Cisco Umbrella Rank: 3324 adrta.com — Cisco Umbrella Rank: 2159	14 KB
4	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 681 wins-eu.sitescout.com — Cisco Umbrella Rank: 34245	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316	59 KB
2	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 25865 b1-eudc1.zemanta.com — Cisco Umbrella Rank: 27582	250 B
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2138	15 KB
1	basis.net cdn01.basis.net — Cisco Umbrella Rank: 6042	103 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 4719	591 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 3815	9 KB
1	google.ch www.google.ch — Cisco Umbrella Rank: 30501	408 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	79 KB
149	18

	Domain	Requested by
35	notes.io	notes.io static.cloudflareinsights.com
22	imageproxy.eu.criteo.net	ads.eu.criteo.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com notes.io
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com notes.io googleads.g.doubleclick.net
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
11	pagead2.googlesyndication.com	notes.io pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net notes.io pagead2.googlesyndication.com tpc.googlesyndication.com
3	adrta.com	pix.adrta.com
3	www.googletagservices.com	googleads.g.doubleclick.net notes.io
2	wins-eu.sitescout.com	notes.io
2	pixel-sync.sitescout.com	2 redirects
2	q.adrta.com	notes.io q.adrta.com
2	www.google.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	widgets.outbrain.com	googleads.g.doubleclick.net
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	cdn01.basis.net	notes.io
1	cm.g.doubleclick.net	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	www.google.com
1	b1-eudc1.zemanta.com	notes.io
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	zem.outbrainimg.com	googleads.g.doubleclick.net
1	b1t-eudc1.zemanta.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.ch	notes.io
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	notes.io
1	www.googletagmanager.com	notes.io
149	32

This site contains links to these domains. Also see Links.

Domain
tik.la
quickreplies.app
www.metromedya.com

Subject Issuer	Validity	Valid
notes.io GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google.ch GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.outbrainimg.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
*.adrta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-07` - `2024-07-23`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
cdn01.basis.net GeoTrust TLS RSA CA G1	`2023-05-30` - `2024-06-15`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://notes.io/wt7uU
Frame ID: E17C6FE8BDA03B9596F9FAFE7C2B7C95
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 4D2AC1E32914D120CFECA73BCFB67CD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1703411702&rafmt=11&format=1200x200&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702525&bpp=3&bdt=311&idt=230&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3251519291353&frm=20&pv=2&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241
Frame ID: A307F55626B7973B54FB047C4D8B6356
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1703411702&format=728x90&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702528&bpp=1&bdt=314&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=248
Frame ID: 3779E1773F58D823BD89129DDDE97CFD
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1703411702&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702541&bpp=2&bdt=327&idt=236&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=244
Frame ID: 6369437333E6E66E23DC71CC032221B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYf_9gAMLCcKcbbRAA0z3Cirf8HTuOYs4xne9A&u=%7C0vN2%2BO0XR2pZYNICeFBiXW6h%2BxPBM8a5mzwbjz%2BPKnE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneJ9StvaC69D8Q5nm2qV2mOt5pyOAVEnFg8oDMuDw76twDb84BZs1Wfmnp3HF7nWacG-caQ7lQ_Im3_SqAHOjU23cKLsRyLhnzEk8-_3s9Vc9B2slpvvdbqr0A-oTdN4qPCFjTmKTMd0N9ObYN4rH6jwK44EyfQRtsbefPOTceYa0lcpEZFDJRseQJHEvhZC3aBOXWl3Oh6yUfDdV5DklzA1oPIfbzK2boxndn3cfye3kFyV3jGoWWsvYssbrDLBcUqj1S1-Z0DTgchew4F72s-mWOwyE26zwlXqkIBlA8MFMN-XpI0NZ_dTib2yMZ3HvEEojpYKMKbTb-TDgwqKIVieq-ekdUCJ35NN9zENvqxtGWN9i5Jt_NoiPM8BeSL_dQ6wRCG2_sW1Dy1fpj_rI7iZKpUZajPgLdOKaZYjxQr9xG2UCmE0oeX--ZgwApjPsvFbMlZKLQ33N3kXzZccEPC_MQRbdXj-htWQWu2MbzjnIRKA1lihscpejVg1TGkliN2pQpEXlZ0AmdNwI8RCT4qS0x4-yh69vol166bbSpNgi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRjL49v-HZafYMNHtxgPc57Q4yZ7SsVzNhuPWkwHAjbcBEAEgAGD1BYIBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqQJx9dySZnqyPqgDAcgDAqoE6QFP0PFzwkkOAgOvWDqIBYC-4HVq23JeyRhX7Tr_WCgDOrugvdOHE0pboxuYTQaeyAifkXwPV0o6RP-FWo1c8jGrZnbK9FWp0BBBrlPRqkJv6t_fLQsFhyrP8JQzk23sfK-RQI4tcawfHyo1p7tFX3rpgEkXEBIfVNTOBXqGN6ZyK5pJJfYTGS_pbLsGvnxowVK5AgqnD5A0Q7nxK3a7gSQNbZyCey5BhQbvXBzTLAg4MWkqmIt0f_9nA8pBoghHKmXoZ43rxrjzd56mnuUwfhGr8tWy3kZZZkFIw3w8tJvGSW7WkM7ySwLsH4AGo4nZrNr2yIZQoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPGNzovnp4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_059grYbNwvHj1l8K66Bl_0kXG4Jw%26client%3Dca-pub-4070502493653474%26adurl%3D
Frame ID: 317B4F583831FA647D7D476BC8CD1358
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3767030899&pi=t.aa~a.179182922~i.28~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0&nras=2&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=44
Frame ID: 288779E06AC10CFCC7E8F29B9D65C177
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=2234306316&pi=t.aa~a.179182922~i.34~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=46
Frame ID: 58E8918B0C56163093A5BCB9EC8CDAE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=2065172108&pi=t.aa~a.179182922~i.50~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=2559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=47
Frame ID: 3D18128B4CACA8F92B0AC22CEFDE0AAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3471279378&pi=t.aa~a.179182922~i.54~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=49
Frame ID: CC28F3E2876EFC75D45778D1ADE469C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=236418961&pi=t.aa~a.179182922~i.58~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=3516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=51
Frame ID: 95AA549BC7FCE8989E7A9C258AC73CC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=4274018217&pi=t.aa~a.179182922~i.62~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=3991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=52
Frame ID: D0A3F4E82AED660EF9E843A02954E805
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8F68DAE9105C28789DBA023E106E4721
Requests: 1 HTTP requests in this frame

Frame: https://q.adrta.com/aa.js?cb=1703411702903
Frame ID: B36A252210C51154BE5660592FDAAE97
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B53F7792B30A07F0C98211017C24C5C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8AC1E2A09A962507A2E951142EA8FB7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

10 Unexpected ADHD Private : Notes

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

99 %
HTTPS

63 %
IPv6

18
Domains

32
Subdomains

32
IPs

5
Countries

1373 kB
Transfer

3113 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://tik.la/repostnotesio

Search URL Search Domain Scan URL

URL: https://quickreplies.app/
Title: Paste Keyboard iOS - Quick Replies

Search URL Search Domain Scan URL

URL: https://www.metromedya.com/tr/
Title: Metromedya

Search URL Search Domain Scan URL

URL: https://www.metromedya.com/tr/hizmetlerimiz/ios-uygulama-gelistirme.html
Title: ios uygulama geliştirme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IBQNgynES2ikRagT15L8bWWH__c

149 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wt7uU Show response
notes.io/ 20 KB
8 KB 213ms
141ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1502116110773ebf467d200a9c3f5b2a12c6ff17610a0d1677407562585ef74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83a7f761fc974c51-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 09:55:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgJGWvJIMdmuo%2BIwctCOYmQEexMifT6xnBe2QPuL8zrzYzj20h61gpQnIiLy1xa0NN3qpJz%2F%2FUHZ7MQ2EVVqR5%2F5JUCvfQ%2F5UUe8bUBNI4kmgmHWkrdXogwUe31vW5faYcwtBE6Q8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 notes.min.css
notes.io/theme/styles/ 13 KB
4 KB 37ms
36ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/styles/notes.min.css
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f57cfe8a95a48688f2f43be56518d6349c0b713e2e2e00df65dfff4253592002

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2170018
etag: W/"62252c0a-3587"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpGNpanjcQxzlZOQYRLHfEzSaniAPXkts50rRSSBUQu19TpXKsALMrreOfa6OU%2BFuH2rJUt0%2BjLJpQJKnp4RMUDxXxR62Jx%2FS0k6hLIH%2FF6PzTCc%2F4%2BTx3%2BAc64CGhOO77NR%2Bdm5EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public, no-transform
cf-ray: 83a7f762edb64c51-MXP
alt-svc: h3=":443"; ma=86400
expires: Thu, 28 Nov 2024 07:08:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 221ms
108ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

075cd9b26316c410afe04d54f0adfdfacf5586ada368d1f5ec061516e70ea7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51281
x-xss-protection: 0
server: cafe
etag: 13260251557676511056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:55:02 GMT

GET
H2 200 whatisnotesio.png
notes.io/theme/images/ 2 KB
2 KB 35ms
35ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/whatisnotesio.png
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd3c5938f018a95deb7c9d078d2fa48209f78516d0c5d1cf40bcad47ba2fb9d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2013485
alt-svc: h3=":443"; ma=86400
content-length: 1625
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-659"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsvzZnZPLLPU%2FKrWK8PPUpew3TwT%2FTxqjNW%2FZ2mgNpm8IpGzbZcZyjDXRDED8y3atfjjs8bN5qZSuN7eo1p3bY%2F87%2FMpE5aT1rHy9kYdeGNjs1pqLZ21eSx3rCtyUr%2FhcJhInYzPtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f762edbb4c51-MXP
expires: Sat, 30 Nov 2024 02:36:57 GMT

GET
H2 200 logo.png
notes.io/theme/images/ 3 KB
4 KB 65ms
64ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/logo.png
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7935c3f61f35b3859886408bc60fee0849a674b7cf18a836b23e89db7f2c4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2080129
alt-svc: h3=":443"; ma=86400
content-length: 3336
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-d08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0jmJnegvts78t6zrrlp1oVmANzr8NGXnNYGD%2Fr559X5IcJf%2FTzhKLRbEavYsHIxgG7X3V4XYEV0F0WxypR4XxqBh6cEnWVEQZd13QIT%2B%2F5KPKCkv99e7SmqfVN8qCpyJbiU6Qoa%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f762fde34c51-MXP
expires: Fri, 29 Nov 2024 08:06:13 GMT

GET
H2 200 fastEasyShort.png
notes.io/theme/images/ 1 KB
1 KB 34ms
34ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/fastEasyShort.png
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38d388d9c7ac8c0d5e4d6210314e98f5e888456e9ac87614b160c6d9098f07f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258963
alt-svc: h3=":443"; ma=86400
content-length: 1052
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-41c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g%2Be43nXoC1%2FRR87x%2BcP6l8j03E970%2BhOINo3wqVeHHE6wXdO6O4YWDNwBqvhiW%2BDOSvqzh579qMopHCzCU%2ByMAnuKCAAYI6S%2F8DXFfsyt8HTCVbNyDKl%2Bs4ybHxeT82LQDbe93pzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f762edba4c51-MXP
expires: Wed, 27 Nov 2024 06:25:39 GMT

GET
H2 200 ajax-loader.gif
notes.io/theme/images/ 2 KB
2 KB 35ms
33ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/ajax-loader.gif
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2013485
alt-svc: h3=":443"; ma=86400
content-length: 1785
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-6f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLtFAnjMSKVRJOLEibQH%2F9alA9tzIGAYeB9tDg6jIByzdmS%2FRo98NP4Xqv87ZYdJqKwGBCV682mS3Pet3802UVhogo1oi48jMpJm%2Fwck7l30KCkbXb3pdhkxRFHeDIaZg%2FRNF4vnRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f762fddb4c51-MXP
expires: Sat, 30 Nov 2024 02:36:57 GMT

GET
H2 200 repost.jpg
notes.io/theme/banners/ 42 KB
43 KB 39ms
38ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/banners/repost.jpg
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1a0d90b4cfb1d98abf3ecc7b4a372b8285f1a9d905d6587f5f14a16f67a1ba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2242513
alt-svc: h3=":443"; ma=86400
content-length: 43481
last-modified: Mon, 04 Sep 2023 18:22:52 GMT
server: cloudflare
etag: "64f6207c-a9d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EaVSrVFfZoYPU5it%2BAnV0f05hS5BB0e7kkDg33eBUipUxWHgPz8zPJl8MNQwTCfafZl7%2F%2BBDRBN3dX3DQqKDcQJ9hN9LSfmXl%2FFG6K0bkJ0BLcTMuVoHJZQvtAt9tarFqVcOxz69Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f762fddc4c51-MXP
expires: Wed, 27 Nov 2024 10:59:49 GMT

GET
H2 200 email-decode.min.js Show response
notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 31ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://notes.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FL2bUhidOQrF8kr7Ne4vo0yLfKic4wIVVXfLFD7ElwiwqxY%2BfsrO%2Fy7HkJSboamBElty%2FbA1wZv6WJ9lM6vumHsGyP7NwPBjGcZhdV3RiSxoDoAKJbCckK2qUiyPwYcq3aRdYb%2B8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 83a7f762fdde4c51-MXP
expires: Tue, 26 Dec 2023 09:55:02 GMT

GET
H2 200 jquery.min.js Show response
notes.io/theme/scripts/ 95 KB
33 KB 36ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/scripts/jquery.min.js
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1995806
etag: W/"62252c0a-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMWSp1RaOB1SVkFgV%2F%2F%2B6QkUKZZZrRdVoO5D7P0ZYYrhT4WB0SinqFULtQ5nzyRd5F5ol760OzHrQ%2BLCJWhRfG%2Bt1b%2BXi8uRJv4NvFl4vZuMxSDPKatpYdPzWKr0x6JD3my3lX37pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public, no-transform
cf-ray: 83a7f762fde04c51-MXP
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Nov 2024 07:31:36 GMT

GET
H2 200 notes.min.js Show response
notes.io/theme/scripts/ 6 KB
2 KB 64ms
63ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notes.io/theme/scripts/notes.min.js
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ee2889a6667a9109444c3049d12b00e4d415039b49e07dfec29c91a2911a8d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/wt7uU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2258963
etag: W/"62252c0a-1799"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRhrJudCWoZlhbax76DmSKGP4PKcukypQY7r0LRAckbyYVpTOwBT1KUA1PObTn3ykFxcVpOLvIl993jdboPGlMAKpoFTYQAEbj%2FiDf6EQ2p0ql1MbjgXsBJdeorOP30pzAn9o%2Fn%2F1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public, no-transform
cf-ray: 83a7f762fde24c51-MXP
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Nov 2024 06:25:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 176ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H0XVNMGVTV

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f7dfc5bafd3943b9b7e98dd6887a38f7b947bd45551acd4183f414a903474a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80854
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 09:55:02 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 155ms
100ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://notes.io/
Origin: https://notes.io
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83a7f7635dc301db-ZRH

GET
H2 200 background.jpg
notes.io/theme/images/ 96 KB
96 KB 46ms
46ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/background.jpg
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4003490
alt-svc: h3=":443"; ma=86400
content-length: 98299
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-17ffb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7%2BptXMG0wjjAP4wAqkXSTzFGMr%2BvtPQ5AnKSh1TPbCoem626Kuxj%2Fx%2BgQW19RWM6tFr6fKnFO%2BgQYKJ4nnzKNb2CCKRsLL0fnzl54V9bpwG3bG5%2B3sGszS5KBewm1RmRSs2N4ggyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632dff4c51-MXP
expires: Thu, 07 Nov 2024 01:50:12 GMT

GET
H2 200 barsol.png
notes.io/theme/images/ 256 B
593 B 44ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barsol.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbe61c8a75836204c74b660cc354dc661afcd19863640940795a901d606bd4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258962
alt-svc: h3=":443"; ma=86400
content-length: 256
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsHSyH5%2FtXrlis41OWT3jpndQPGnNOQcEtCoqMDW1jz9LotsUzmexLrOeDEfjwBfZWs0jB0Iu8fMVr2mUk5L%2BfBMduMfftC2s99%2FKQ0unXu4%2Byh9Qcr4f84vpoHAcRyv0xpZG62phQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e014c51-MXP
expires: Wed, 27 Nov 2024 06:25:40 GMT

GET
H2 200 barback.png
notes.io/theme/images/ 133 B
460 B 44ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barback.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 295364
alt-svc: h3=":443"; ma=86400
content-length: 133
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLhWCySkdYl0omTsIYKb%2BO5HQ6oxgIhfV%2B5kabc1%2FijBCBtW9oC7%2FvznBZVOfYzgbuf6vGy5Aap1Ua8bEcF5uYeHkgqUjKkuaT5qhiBpTIgKVHjjgEHkvldnyMGoMqXYqeO%2FAOik0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e034c51-MXP
expires: Thu, 19 Dec 2024 23:52:18 GMT

GET
H2 200 random2.png
notes.io/theme/images/ 2 KB
2 KB 46ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/random2.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854a5cc12540c33c5d748da0b9bce95a25c72f9ef7fc4f92bbca033f8df835cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1995806
alt-svc: h3=":443"; ma=86400
content-length: 1986
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-7c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SflnCWHrpOEBQ5Z8r7PKUoZgQeRdZGtZM24XRpf4cZpnfwNpIAEoSdd%2B%2Fpldn2sajjhIwP9LNl0w6Bh%2BjxKvbXwffzpyDN8KZbg%2F9%2BYF66GUTuEIaMOZQaDe6w2bjfl7gboXZnBtaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e054c51-MXP
expires: Sat, 30 Nov 2024 07:31:36 GMT

GET
H2 200 share.png
notes.io/theme/images/ 2 KB
2 KB 44ms
43ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/share.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e676afbd0ddf8afafc01c7bf13e9ddeee39e6b662ae259f8266090cb785b927e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2013485
alt-svc: h3=":443"; ma=86400
content-length: 1664
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxQ8X9XepFc5xrV%2FMG%2Fh5s6%2BA0Swd9iuggl0%2FrhdmVJRcQd207B9qQ6y0Rki3eZtwYvSHby9ztnpNoetmXUuZcY4a0%2Bl3%2B7LBnG6Mg11CHG%2BjqJMT2F6x6HbEimARFqLVdvR%2BYEyhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e064c51-MXP
expires: Sat, 30 Nov 2024 02:36:57 GMT

GET
H2 200 comingsoon.png
notes.io/theme/images/ 3 KB
4 KB 45ms
43ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/comingsoon.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e7213bd1de2e07001870ec2470a3347053cd9066ee982022fb597ac5e6001e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258962
alt-svc: h3=":443"; ma=86400
content-length: 3344
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-d10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fl6n4p4ewHBaa7PekyTqYoslznhNa5HgSjFMz%2FCB8S4TfK2djLs1IAHbX6A0EDF4dtemKnYrFC5RN5SxesBGmYCGMG2gThQnKJ7PHltUjCCmYLjVNpbvRCMl3YwuA16Tdf8vfBgADg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e074c51-MXP
expires: Wed, 27 Nov 2024 06:25:40 GMT

GET
H2 200 account.png
notes.io/theme/images/ 2 KB
2 KB 45ms
44ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/account.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf40f3d3dcd31f19de9a2b7da30d13d736eec2900d093fb4d6aa8eda2c2abd40

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077904
alt-svc: h3=":443"; ma=86400
content-length: 1726
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-6be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml3B7R%2Bx3cjVwEV27BY7Ttf0nydofXhDmVFTPiOeID%2BL8EGIx1aSojQpuVcjEREiel3bd9VvdfpuqMz23zGVOKYyYD7sOLKB8etwahAicIAGPnWs0Jn34x0saqj0Fp1RpBuVUIhvzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e084c51-MXP
expires: Fri, 29 Nov 2024 08:43:18 GMT

GET
H2 200 myNotes.png
notes.io/theme/images/ 2 KB
2 KB 46ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/myNotes.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbcb3ac2b54766a4469f7cbaddab896205e86532bdb730e07ae2d21e2ed35cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077904
alt-svc: h3=":443"; ma=86400
content-length: 2080
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-820"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BT2XBCQ5MvXSUqsa%2BlOfYStRjec85Myw4dMliKDYDbZTs3XLaWhWVGJVSe7K9aO2Pd5R1JWGp4myZgpVNlTMYrssNfX%2B85NYy4rg9i0LsZzlqQZCwhP7LorRwIPEumZdqXshKmLQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e0e4c51-MXP
expires: Fri, 29 Nov 2024 08:43:18 GMT

GET
H2 200 barsag.png
notes.io/theme/images/ 281 B
573 B 46ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/barsag.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1995806
alt-svc: h3=":443"; ma=86400
content-length: 281
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-119"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agf1QJBQDtXYm9oGTZUV8iqH9avAwgMVMV86jH0S0sBwA1711vh4Ps2fUb08BODzysvsPvwyceIBX%2B7hVr5je3ptlTedzbQnWBWo%2BkxDIE7cQu3jYEsYc8X6oZOAvjriuigsvjIltQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e104c51-MXP
expires: Sat, 30 Nov 2024 07:31:36 GMT

GET
H2 200 notespageback.png
notes.io/theme/images/ 94 B
525 B 46ms
46ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespageback.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2181948
alt-svc: h3=":443"; ma=86400
content-length: 94
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by%2B%2Fym0wahym4bLpIP2CvDOG63nHX73tbPt81uWJI1KEFdBQc8zi12mQtnaSlLUdvx8DyBp58txKAgcjlqAiRWfffYxpSX6gk6Z0hmenPIGYfVYMg6NBuIUdah3E9m8y4dbJf18%2F5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e114c51-MXP
expires: Thu, 28 Nov 2024 03:49:14 GMT

GET
H2 200 notesline.png
notes.io/theme/images/ 89 B
414 B 47ms
47ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notesline.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff68407b71ff03c432cca13da1e5296a765d3e91d2c3f18f356e4be99bebf1c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 295364
alt-svc: h3=":443"; ma=86400
content-length: 89
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeId7voBqdnhj5bUT1sATQU2aAr12mI83sa4Bea0ONi%2B5K%2BNcXaOa7htpDNx33Sb92rKqLC4PJAXXMRUwPa3OO%2FcDMJSgbBMqakCzC8PgdQf%2FnK30UuCj348XjRpVioNluuC9uwY6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7632e154c51-MXP
expires: Thu, 19 Dec 2024 23:52:18 GMT

GET
H2 200 notespagebottom1.png
notes.io/theme/images/ 233 B
580 B 58ms
58ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom1.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 011a1aebdf086c6cf9c92c114f9227ff687d51306256031e2029371d0ee4d97c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077904
alt-svc: h3=":443"; ma=86400
content-length: 233
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whY9sHxNSW4Vq8cbhhEudP4f7Mbj91VkHAcZga%2B%2Bm%2FmqQKbApz0ocr4WJfLGlPW65UHP5YdlUHXyDZ6cD5zb0Tv0JpfXjQCad4aimrObNuIfHZ2AD90T1K6a8rxLXUMDVGFAfOr5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7633e1e4c51-MXP
expires: Fri, 29 Nov 2024 08:43:18 GMT

GET
H2 200 notespagebottom2.png
notes.io/theme/images/ 91 B
425 B 59ms
58ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom2.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1995806
alt-svc: h3=":443"; ma=86400
content-length: 91
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzGaHv80WDbxdA%2FdrBL9REhanxPn7T8mFVW83kIdRNGNOr612Nl4XqoIeUBI9dJKcUstM1Ou8lQ1iHWBWOOyyImFRok9u40vAW1ogIVbrU%2ByLra%2B%2F9tHCfI3M7Cw2ugmJTr0Z%2ButVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7633e1f4c51-MXP
expires: Sat, 30 Nov 2024 07:31:36 GMT

GET
H2 200 notespagebottom3.png
notes.io/theme/images/ 198 B
544 B 58ms
58ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/notespagebottom3.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71409f8b486cef6225f67eddcbd21f2731ac72ccc82d3889e71a1cd53f43e09c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077904
alt-svc: h3=":443"; ma=86400
content-length: 198
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtmNvns50zgYiboY7RnHGqH%2FMUON3Q8hheHAWs4s4wsrjIjmusZv9f%2BvWKVtygSGOlz68zXE3so80QOQxBD2FEYz9bR5yLF5eohI5u%2FYbAJCIexSnBC2cFtw64EtESWyP%2Bdz0S2KZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7633e214c51-MXP
expires: Fri, 29 Nov 2024 08:43:18 GMT

GET
H3 200 1.png
notes.io/theme/images/messagebox/ 208 B
770 B 35ms
34ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/1.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f6bc396d110fdd03709c3abdff243d74ce8047aeb20b19869ec8582d0fa0c4f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2087736
alt-svc: h3=":443"; ma=86400
content-length: 208
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Re5DKRbg%2F40iBemzNJZkRrXQ1kAErRUl2cRSPVL%2FLRZZRk1vINxhJlGBYoYFc9SVsvROuydvABy0zsk2AA8BGg4FHz9p0%2FKSM57DFHMYpIpyYzo0vaQ1%2FjI9NASIc6o5nww%2Bdq%2B%2B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc1bbab1-MXP
priority: u=3,i
expires: Fri, 29 Nov 2024 05:59:26 GMT

GET
H3 200 2.png
notes.io/theme/images/messagebox/ 84 B
605 B 36ms
35ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/2.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077904
alt-svc: h3=":443"; ma=86400
content-length: 84
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzazfeFUmBNqZij7aLc52owq4U%2Fn%2FVxHaqvRvwjnyrV5c04QbFZA02axzLU4KlugrfJvinlUPhBsrO9GVAVkjIZdgO%2FR9BowDNTaYZ9jEvGaq2Ahv1XqSFMGzv1astirw3wPS%2Fk5Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc1dbab1-MXP
priority: u=3,i
expires: Fri, 29 Nov 2024 08:43:18 GMT

GET
H3 200 closeBTN.png
notes.io/theme/images/messagebox/ 662 B
1 KB 37ms
36ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/closeBTN.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ab241fbbf7c976659bcaa9cbb5c1367d899b47ce4dcd25a58e633dfef1ea7e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1338271
alt-svc: h3=":443"; ma=86400
content-length: 662
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-296"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJfgn3mTFvWfoVrUn07RhB9qbpcMHnd2BdKpxgGRZJ9JYOwgwQFkLZK5h7639yYiAd3tNpAI1ngtnGl5zc%2Bd5%2FOz192onLQ3VMfOZg7W%2F%2Bw98DLgj8Xm2i8x0RXZmrG1xduAkBeIhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc1ebab1-MXP
priority: u=3,i
expires: Sat, 07 Dec 2024 22:10:31 GMT

GET
H3 200 3.png
notes.io/theme/images/messagebox/ 216 B
733 B 45ms
44ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/3.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2077904
alt-svc: h3=":443"; ma=86400
content-length: 216
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAC6gabpJ9PmFiQcllEA6eNogagGdZDl36btoYImf2u555o79zKDqiz%2B72BDGekvQDizt5AyfdMu4NtFFERknMZ8T%2F554O9fWi%2F2PduijIr12LmIxDDoSdqBWlFKoYprqmcc9w7xpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc20bab1-MXP
priority: u=3,i
expires: Fri, 29 Nov 2024 08:43:18 GMT

GET
H3 200 4.png
notes.io/theme/images/messagebox/ 80 B
602 B 43ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/4.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258961
alt-svc: h3=":443"; ma=86400
content-length: 80
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bx59Eqmk%2FCn6qOJ5iKhXm1oz8eamfhCHpk%2FoaHA21MwP4TWQm3Kkgt62aQ3pdQ65WiflUI4XYVbTDbSQl28JqeEbbEsA0LjUr7eY97%2BbUp5%2BeChKZ5Mm%2Bgmgt4I7v4ytJ2EnKVZkcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc21bab1-MXP
priority: u=3,i
expires: Wed, 27 Nov 2024 06:25:41 GMT

GET
H3 200 5.png
notes.io/theme/images/messagebox/ 81 B
602 B 39ms
38ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/5.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258961
alt-svc: h3=":443"; ma=86400
content-length: 81
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnZM6G0jthltaDskmy28hHECE2V5coRiJrAilb9IvWXGafIx1%2FJAHLs5QTB27ztpPZ%2Flpmf%2BnRf%2FO2e%2FQKtrb42jErHVwl4Jbqlq6tFlpYEm2x90vPjiJKGfsQMpENepnQ4OQfTVbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc22bab1-MXP
priority: u=3,i
expires: Wed, 27 Nov 2024 06:25:41 GMT

GET
H3 200 6.png
notes.io/theme/images/messagebox/ 190 B
718 B 43ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/6.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2099908
alt-svc: h3=":443"; ma=86400
content-length: 190
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8BovP%2Bk%2Fl%2FRwUJWb%2FwPsTv%2FAoyk5njVS2nFcQ0C%2FlV4SMCP8JY1OWKZ3%2FQGgnFlYpVRpnouvV3h0kIuKk1Tkr7NDI6IqZBjCl4xN2a%2Fgtj3HAHzZCaI0X03vxIYwvTa93vgbhfqZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc23bab1-MXP
priority: u=3,i
expires: Fri, 29 Nov 2024 02:36:34 GMT

GET
H3 200 7.png
notes.io/theme/images/messagebox/ 84 B
609 B 38ms
37ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/7.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258962
alt-svc: h3=":443"; ma=86400
content-length: 84
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho82kjQll3kSZouwL4BPKVAui16%2B%2BwiwNK%2B7ysCEyNL3DdCIuvejQCLWwowfSrvbYrDFTTfhnSOKhXxtD8jUn1LX8%2FmCJKPdJcaLd%2Bh9MAQaU8%2B5k4CRVjZTweqUUHho9GIeGTDbrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc25bab1-MXP
priority: u=3,i
expires: Wed, 27 Nov 2024 06:25:40 GMT

GET
H3 200 8.png
notes.io/theme/images/messagebox/ 195 B
716 B 41ms
40ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/messagebox/8.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2258961
alt-svc: h3=":443"; ma=86400
content-length: 195
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbVYufSOqcYCjXvC8Kd3tJyja0deXIkH9nDV1U4TUb22Lun8DxkjR65QIYHqa%2BjK4hVnc1KU6J9F0MUTgKQJPbTtwomxFrPyQl3VruprJjesoQAc1CvW6%2B9u5P3w7nm%2FMbX907oomg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f763fc26bab1-MXP
priority: u=3,i
expires: Wed, 27 Nov 2024 06:25:41 GMT

GET
H3 200 closeBtn.png
notes.io/theme/images/ 644 B
1 KB 36ms
36ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notes.io/theme/images/closeBtn.png
Requested by: Host: notes.io
URL: https://notes.io/theme/styles/notes.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cd13946687442925b2383aeb0273086a585e5d3bc3733de296ca83528d34aa1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/theme/styles/notes.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1995805
alt-svc: h3=":443"; ma=86400
content-length: 644
last-modified: Sun, 06 Mar 2022 21:47:54 GMT
server: cloudflare
etag: "62252c0a-284"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruMcdEsQXgOqdNgOtr3WOsHoz8uYhcD8KX45lnYuLhqtzfimvQXtifYHTurMMO6XdRribvFEmwewMe879A2ebKHf8RWtg0ak%2FtC6y%2BFJXFGowABANLakAHyquGfXCBIRYrVFreXTPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
cf-ray: 83a7f7640c28bab1-MXP
priority: u=3,i
expires: Sat, 30 Nov 2024 07:31:37 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137924
x-xss-protection: 0
server: cafe
etag: 12092095142277381491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:55:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 4D2A 9 KB
4 KB 161ms
51ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 72324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Sat, 06 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 115ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H0XVNMGVTV&gtm=45je3bt0v9131004855&_p=1703411702315&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=763161084.1703411703&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703411702&sct=1&seg=0&dl=https%3A%2F%2Fnotes.io%2Fwt7uU&dt=10%20Unexpected%20ADHD%20Private%20%3A%20Notes&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=569
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H0XVNMGVTV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notes.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 111ms
37ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H0XVNMGVTV&cid=763161084.1703411703&gtm=45je3bt0v9131004855&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H0XVNMGVTV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notes.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 181ms
60ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H0XVNMGVTV&cid=763161084.1703411703&gtm=45je3bt0v9131004855&aip=1&dma=0&gcd=11l1l1l1l1&z=1038687143

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A307 36 KB
15 KB 307ms
306ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1703411702&rafmt=11&format=1200x200&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702525&bpp=3&bdt=311&idt=230&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3251519291353&frm=20&pv=2&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93e37bf47869885c0a24760fa9b6b4701f167af8fa9cf25f46e92435bb395aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14743
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:03 GMT
expires: Sun, 24 Dec 2023 09:55:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3779 39 KB
16 KB 328ms
327ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1703411702&format=728x90&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702528&bpp=1&bdt=314&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e5b9418bd1477cbb686818accc2a39caae33da9a5ea8f25d18c26a9955fb90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16191
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:03 GMT
expires: Sun, 24 Dec 2023 09:55:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6369 77 KB
21 KB 628ms
628ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&adk=1812271804&adf=3025194257&lmt=1703411702&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702541&bpp=2&bdt=327&idt=236&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200%2C728x90&nras=1&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96bb3b367d8f7e4e5a1d4695b148646f7e26975c9cb155ec4f0b20a0a9d1e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21683
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:03 GMT
expires: Sun, 24 Dec 2023 09:55:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 317B 203 KB
58 KB 212ms
124ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYf_9gAMLCcKcbbRAA0z3Cirf8HTuOYs4xne9A&u=%7C0vN2%2BO0XR2pZYNICeFBiXW6h%2BxPBM8a5mzwbjz%2BPKnE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneJ9StvaC69D8Q5nm2qV2mOt5pyOAVEnFg8oDMuDw76twDb84BZs1Wfmnp3HF7nWacG-caQ7lQ_Im3_SqAHOjU23cKLsRyLhnzEk8-_3s9Vc9B2slpvvdbqr0A-oTdN4qPCFjTmKTMd0N9ObYN4rH6jwK44EyfQRtsbefPOTceYa0lcpEZFDJRseQJHEvhZC3aBOXWl3Oh6yUfDdV5DklzA1oPIfbzK2boxndn3cfye3kFyV3jGoWWsvYssbrDLBcUqj1S1-Z0DTgchew4F72s-mWOwyE26zwlXqkIBlA8MFMN-XpI0NZ_dTib2yMZ3HvEEojpYKMKbTb-TDgwqKIVieq-ekdUCJ35NN9zENvqxtGWN9i5Jt_NoiPM8BeSL_dQ6wRCG2_sW1Dy1fpj_rI7iZKpUZajPgLdOKaZYjxQr9xG2UCmE0oeX--ZgwApjPsvFbMlZKLQ33N3kXzZccEPC_MQRbdXj-htWQWu2MbzjnIRKA1lihscpejVg1TGkliN2pQpEXlZ0AmdNwI8RCT4qS0x4-yh69vol166bbSpNgi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRjL49v-HZafYMNHtxgPc57Q4yZ7SsVzNhuPWkwHAjbcBEAEgAGD1BYIBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqQJx9dySZnqyPqgDAcgDAqoE6QFP0PFzwkkOAgOvWDqIBYC-4HVq23JeyRhX7Tr_WCgDOrugvdOHE0pboxuYTQaeyAifkXwPV0o6RP-FWo1c8jGrZnbK9FWp0BBBrlPRqkJv6t_fLQsFhyrP8JQzk23sfK-RQI4tcawfHyo1p7tFX3rpgEkXEBIfVNTOBXqGN6ZyK5pJJfYTGS_pbLsGvnxowVK5AgqnD5A0Q7nxK3a7gSQNbZyCey5BhQbvXBzTLAg4MWkqmIt0f_9nA8pBoghHKmXoZ43rxrjzd56mnuUwfhGr8tWy3kZZZkFIw3w8tJvGSW7WkM7ySwLsH4AGo4nZrNr2yIZQoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPGNzovnp4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_059grYbNwvHj1l8K66Bl_0kXG4Jw%26client%3Dca-pub-4070502493653474%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1703411702&rafmt=11&format=1200x200&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702525&bpp=3&bdt=311&idt=230&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3251519291353&frm=20&pv=2&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8ec07804f571b1a26149ea652468127a180ba6335509bb1bf2a99808e469e460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:02 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=P42uNQHmW9-8f12LlJERCSjSj_C5B0K9msrdGGU02BovTpbs44QQvM_E3F2UFyEYMDgYyWMH1Tu6WCivdnXRQ_8wJrSweIW1xDtYqs07y96rend2VVhjiB_TicSTMPIOcNrAfXUMqxxhYz6kWxnolpgIBqKVVaPeYgJ7GAy_ZjTaTQpDQlDuKwS-wX7aXJLE27J5ByjEjedntb7gCI3Q-A4Tgqkvsy9AcKycl6MvksPImgizZesQyj9qfibN_x16w6_h6Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55129496
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A307 3 KB
1 KB 103ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A307 20 KB
9 KB 93ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A307 203 KB
65 KB 151ms
86ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:55:03 GMT

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame 3779 53 KB
14 KB 93ms
34ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1703411702&format=728x90&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702528&bpp=1&bdt=314&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=248
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 86d45e218fa301b4e1f81d6ecad50c1a8f847e669aa2d9c91f0b487ceb56b67f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
content-length: 13570
last-modified: Thu, 21 Dec 2023 11:55:58 GMT
server: AkamaiNetStorage
etag: "0870125456b597823ee2a02abcdfe5cb:1703160319.705865"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sun, 24 Dec 2023 13:55:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3779 3 KB
1 KB 72ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1703411702&format=728x90&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702528&bpp=1&bdt=314&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3779 20 KB
8 KB 68ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3779 203 KB
64 KB 157ms
127ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:55:03 GMT

GET
DATA 200
OK truncated
/ Frame A307 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcfebc8c44f4bafecc91011df455412553173eb94caf02983686d201d8ee0dce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 3779 990 B
1 KB 50ms
50ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1703411702&format=728x90&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702528&bpp=1&bdt=314&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=248
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 23 Jan 2024 09:55:03 GMT
date: Sun, 24 Dec 2023 09:55:03 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/2ZIUJFWZRMYTZ4LXA5CXU4AW7GPXIELMZBICUC4EWIMEGGIY57UGYXTLUBONB5UXFY7EX6VKEYCDTHHYPZYA7G5BTNURFV2HO6UMG3JPHK3CPQBZQLINF63JIJ6UJN4GGPZI7YYP7FCZ6BAIX56NNXVTSZ6HOV... Frame 3779 26 B
151 B 176ms
34ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/2ZIUJFWZRMYTZ4LXA5CXU4AW7GPXIELMZBICUC4EWIMEGGIY57UGYXTLUBONB5UXFY7EX6VKEYCDTHHYPZYA7G5BTNURFV2HO6UMG3JPHK3CPQBZQLINF63JIJ6UJN4GGPZI7YYP7FCZ6BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3G6ENXUS3CDXNFPL6UBIBCT4UXR3WRJPKBVYL6VOPFL6Q6A5NODPR6KO7EPUHYQD3VQ/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1703411702&format=728x90&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702528&bpp=1&bdt=314&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=248
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 09:55:03 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 0aee8a2ffe083c2e2cd0b56c86bc6928c4.png
zem.outbrainimg.com/p/srv/sha/77/c7/72/ Frame 3779 8 KB
9 KB 168ms
28ms Image
image/jpeg 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/77/c7/72/0aee8a2ffe083c2e2cd0b56c86bc6928c4.png?fit=crop&crop=faces&w=180&h=90&fm=jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 2040253
x-cache: HIT, MISS, HIT
x-imgix-id: 17580994ae37060fdac910812b5fb148904c3c2d
cross-origin-resource-policy: cross-origin
content-length: 8452
x-served-by: cache-sjc10044-SJC, cache-fra-eddf8230045-FRA, cache-fra-eddf8230024-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 30 Nov 2023 19:10:50 GMT
server: imgix
x-timer: S1703411703.371520,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
DATA 200
OK truncated
/ Frame 3779 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60abefb68e8ee31093c223f34165e1c5b2ea1a27b5864f693f60c49b2d07ffcc

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 317B 2 KB
1 KB 104ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZYf_9gAMLCcKcbbRAA0z3Cirf8HTuOYs4xne9A&u=%7C0vN2%2BO0XR2pZYNICeFBiXW6h%2BxPBM8a5mzwbjz%2BPKnE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneJ9StvaC69D8Q5nm2qV2mOt5pyOAVEnFg8oDMuDw76twDb84BZs1Wfmnp3HF7nWacG-caQ7lQ_Im3_SqAHOjU23cKLsRyLhnzEk8-_3s9Vc9B2slpvvdbqr0A-oTdN4qPCFjTmKTMd0N9ObYN4rH6jwK44EyfQRtsbefPOTceYa0lcpEZFDJRseQJHEvhZC3aBOXWl3Oh6yUfDdV5DklzA1oPIfbzK2boxndn3cfye3kFyV3jGoWWsvYssbrDLBcUqj1S1-Z0DTgchew4F72s-mWOwyE26zwlXqkIBlA8MFMN-XpI0NZ_dTib2yMZ3HvEEojpYKMKbTb-TDgwqKIVieq-ekdUCJ35NN9zENvqxtGWN9i5Jt_NoiPM8BeSL_dQ6wRCG2_sW1Dy1fpj_rI7iZKpUZajPgLdOKaZYjxQr9xG2UCmE0oeX--ZgwApjPsvFbMlZKLQ33N3kXzZccEPC_MQRbdXj-htWQWu2MbzjnIRKA1lihscpejVg1TGkliN2pQpEXlZ0AmdNwI8RCT4qS0x4-yh69vol166bbSpNgi&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRjL49v-HZafYMNHtxgPc57Q4yZ7SsVzNhuPWkwHAjbcBEAEgAGD1BYIBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqQJx9dySZnqyPqgDAcgDAqoE6QFP0PFzwkkOAgOvWDqIBYC-4HVq23JeyRhX7Tr_WCgDOrugvdOHE0pboxuYTQaeyAifkXwPV0o6RP-FWo1c8jGrZnbK9FWp0BBBrlPRqkJv6t_fLQsFhyrP8JQzk23sfK-RQI4tcawfHyo1p7tFX3rpgEkXEBIfVNTOBXqGN6ZyK5pJJfYTGS_pbLsGvnxowVK5AgqnD5A0Q7nxK3a7gSQNbZyCey5BhQbvXBzTLAg4MWkqmIt0f_9nA8pBoghHKmXoZ43rxrjzd56mnuUwfhGr8tWy3kZZZkFIw3w8tJvGSW7WkM7ySwLsH4AGo4nZrNr2yIZQoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPGNzovnp4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_059grYbNwvHj1l8K66Bl_0kXG4Jw%26client%3Dca-pub-4070502493653474%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 317B 2 KB
1 KB 109ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 317B 308 B
636 B 104ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 317B 293 B
621 B 108ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 317B 43 B
348 B 119ms
35ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Zx1tH4QzBN3zN_QRqTOXoYUdmGi0xYY-my3IHH-Wa4yJUBm-hVfkO_ameZhnHDM19LMVxC3XkGvsqcqTgIL0wkcDByVX3PlJJWwx3Pg8USvM5ELVbehAkeHSPk-GuazzaQMOc-0ITFlhwPw_rU2cOZHDDr5N7Zn45kVYCbGpyemiID0jIZUzYljRyc4kNTvGJpEFIMrOEBETGisgz20dAXUSYVqilY0VBwiBRMjhMKZ-J59eFuUwqxHSKoL0eS6Pj0WWEyk1Q65wBfiimFgX2Tvd88nBBi8mJGJY_eA2p7KZe-SzMUQTmH1OMFk1-m03BYzWLTLrXTgKDLjtnlHT1l_6bkZGtBSA_M_DFa_kxigQ4M2IKaLYYrbESK2YbYhipfOuJkEhT_WFI-9JGMIs7Zffqmi0OpX3FRBeOJWH1oBHE7WE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1641958
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 317B 12 KB
5 KB 78ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2275330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM9IttZvHV5ucOrjtC9UKaVME38WOgip9dMJtLZ2GUp7KQosSu5EeXjsu3DewGU%2BADZCAXWEUeopgVEsGFBBNcLAtD1BMvCkLGqGm1JH1ofbGtN9JhGwLhQ0h0AVKneP81WkTWXrHz0zTRmwQyT94UoD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a7f76a7d9524be-ZRH
expires: Fri, 13 Dec 2024 09:55:03 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 317B 12 KB
6 KB 94ms
37ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 1 KB
1 KB 158ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=396&m=0&partner=97215&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F97215%2F230227%2Fb895686af0ef4c14b7c7a731718d4377_magnanni.logo-2x.jpg&v=3&w=196&rid=4&s=MPGoGo7rZSL1Td69d3HmL1So

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0a51b3c32576974ef48aa7c6bc2cd9b881ff3f229c90aa4d7fe9983c4842bbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1252
expires: Tue, 03 Dec 2024 03:04:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 7 KB
7 KB 157ms
79ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25314_men_onyx_grey-and-navy_side.jpg&v=3&w=400&rid=4&s=M44JQ3K5J7bbQc3Tn7FSq-MN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

648f54c430d2c6a851bd1708961ccd63740adf397470750354a631b0350a77e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6868
expires: Fri, 13 Dec 2024 07:58:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 5 KB
5 KB 145ms
67ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24815_men_andreo_navy_side.jpg&v=3&w=400&rid=4&s=JS_RmfTka2FXU6uVUHIliHO5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

87e5bce0f9cb02b3849976db08535f08895614573931f8ff4ed32934ff786c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4934
expires: Tue, 03 Dec 2024 15:41:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 4 KB
4 KB 156ms
78ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24534_men_jadiel_black_side.jpg&v=3&w=400&rid=4&s=0Ib2rwCtSYGMLxirUAh6_NQR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

927aae7eaa3046904366f7b811e82e802f791f53071cc8d3c30dc12de0dd9cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4102
expires: Fri, 06 Dec 2024 15:41:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 7 KB
7 KB 114ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24004-8_men_cody_safari-suede_side.jpg&v=3&w=400&rid=4&s=rP3Alwmwxep3_zlHf3dUYicy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

04f4d53be8c040a227c2b64232ff8b1ce8de132b02273d391e615927e5f85eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6892
expires: Mon, 16 Dec 2024 18:44:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 5 KB
6 KB 119ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25499_men_levu_midbrown_side.jpg&v=3&w=400&rid=4&s=WvguxOZGWH5vHTX7vq5KeohH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

530b140be7e578c5ab6f6c237c919ada37ef79232c39ca8aef547ed6338825d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5438
expires: Sat, 14 Dec 2024 09:50:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 5 KB
5 KB 88ms
87ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25075_women_arlyne_cognac-and-brown_side_v2.jpg&v=3&w=400&rid=4&s=oPPVNRsbETtijNAih2HkN6eq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d976ed13a180b2f8babe70192b787533252166c03c147c85843d9d58f328095c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5068
expires: Sat, 14 Dec 2024 08:14:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 7 KB
8 KB 83ms
82ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24821_men_montana-v_cuero_side_v2.jpg&v=3&w=400&rid=4&s=L5tF9gI2frAOQBMp08MJ3BLc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a9247786fa121a1efb13d4c1b1908ca31882ec3764eecf0364da233fd6e1fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7568
expires: Fri, 06 Dec 2024 15:30:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 5 KB
5 KB 106ms
105ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24800_men_xavier_brown_side.jpg&v=3&w=400&rid=4&s=1DuDugaDzSAk9NanyNS_9H9n&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32ee7e6142b97c6fb2f0cb1bfc7b78f819d2ae4b851a7828c4a8ceb7d0685336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5416
expires: Fri, 06 Dec 2024 08:42:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 8 KB
8 KB 105ms
104ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24788-6_men_marcelo_cognac_side.jpg&v=3&w=400&rid=4&s=nsECWqa-sOgJDVk-HsGtqkFr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

27ee29e8f92c3913ab60d79989625113a2a3778bfb0a1b00489c6b8d131e8e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8370
expires: Sat, 14 Dec 2024 09:30:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 5 KB
5 KB 107ms
106ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24722_men_reddik-ii_black_side.jpg&v=3&w=400&rid=4&s=gwG5Nxer__ziREMxkIy95A7u&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ce8d0d9355a24e71c7a88488af4498b4ff04ee1f101ed8b2200de9b31b3174e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4658
expires: Fri, 06 Dec 2024 10:04:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 5 KB
6 KB 110ms
109ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24139_men_abel_taupe_side.jpg&v=3&w=400&rid=4&s=spgSEfOKT9vr1UaPc92I_Vyc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

83e4efa73bc2c7a3edf7709f5674c5f351d6b5d398b48388ddfdbdcc890fe87d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5610
expires: Fri, 06 Dec 2024 14:12:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 3 KB
4 KB 119ms
118ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F13232-888_men_cruz_safari_side.jpg&v=3&w=400&rid=4&s=wj_UxkkVBdNWL-qjr_TxevwA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d138d1a17eea08d9800f3f569857130a5e90b0aa04b9cdfe22a32126fa97ef92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3576
expires: Fri, 29 Nov 2024 06:29:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 6 KB
6 KB 113ms
112ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25360_men_romero-iii_grey-suede_side.jpg&v=3&w=400&rid=4&s=cetv41CZSEfEIKKfFo-7T4CA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

84d8189e6ea9ef938931b17ed2e11a543356be0840e424c9f1e04ade2cc316bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6224
expires: Sat, 14 Dec 2024 08:21:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 4 KB
4 KB 116ms
115ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24838_men_santo_black_side.jpg&v=3&w=400&rid=4&s=R8CojS13EianrdSA8sKncRJ4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1eed1d67d6a9d31f89ba331d090138d8ece3878c66e503cd748a71a8770b2e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4158
expires: Sun, 08 Dec 2024 15:49:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 6 KB
6 KB 123ms
122ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22294_men_geo_taupe_side.jpg&v=3&w=400&rid=4&s=bZRuh_jvQyPfh9yROu1nj1GT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d7a8ba21ccda994b2162bc01608b70f548f5ee0b577b4ef92043a24bc3e8cb2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6360
expires: Fri, 06 Dec 2024 11:20:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 7 KB
7 KB 132ms
131ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F23859_men_minos_cuero_side.jpg&v=3&w=400&rid=4&s=tAooxVH5Aytyps1qntvLVqDP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2562cd4b9b6658553bde47cfa6285a9ff75e0e688aa11ffd18494dbac5750df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6676
expires: Tue, 03 Dec 2024 15:59:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 6 KB
6 KB 139ms
138ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F0%2F1%2F013341_1_magnanni_cabrera_cuero_23953_side.jpg&v=3&w=400&rid=4&s=9KiRajbDGkfy8PpgQhjz1pbA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aa8d0a9541b493b851eb7895743b25b190eb124920d33b949898ae29d2c8275c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5734
expires: Tue, 03 Dec 2024 07:16:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 4 KB
4 KB 128ms
127ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25282_men_danillo_sky-blue-suede_side.jpg&v=3&w=400&rid=4&s=WS09maA8YFm8TVAjEnJ-0dxa&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

41584fbff76e300573505bcd27aefcbbd8993f1762d5441299fe494d430a52de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4174
expires: Thu, 05 Dec 2024 02:04:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 6 KB
6 KB 125ms
124ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25121-13_men_loda_taupe-suede_side.jpg&v=3&w=400&rid=4&s=LDX8cfzxZfIgUvLVZuypEgjN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dea147b204d79e0b2e7be22298a3125aaf750d4df41e01e0c52acc0cb97f2d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5636
expires: Fri, 06 Dec 2024 11:55:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 9 KB
9 KB 137ms
136ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F5%2F25447-13_men_daroca_torba_side.jpg&v=3&w=400&rid=4&s=eAfNQ46kOb4J6oariaHdXz8A&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

52ab32a502a79bcd4ebc6bc1755facd05754b9f9500d234c62a5471e07f4867f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9262
expires: Sat, 14 Dec 2024 13:40:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 317B 5 KB
5 KB 133ms
133ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=97215&q=80&r=0&u=https%3A%2F%2Feu.magnanni.com%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F24548_women_astro_white_side_v2.jpg&v=3&w=400&rid=4&s=NPwq_tKOEvI5tzfoyDXMxO-j&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

63cec35da28301108fc71bbdcfaf16bc6b6f320b94bff5937ec811e869dfd569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4746
expires: Tue, 03 Dec 2024 16:08:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 317B 0
128 B 123ms
41ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=P42uNQHmW9-8f12LlJERCSjSj_C5B0K9msrdGGU02BovTpbs44QQvM_E3F2UFyEYMDgYyWMH1Tu6WCivdnXRQ_8wJrSweIW1xDtYqs07y96rend2VVhjiB_TicSTMPIOcNrAfXUMqxxhYz6kWxnolpgIBqKVVaPeYgJ7GAy_ZjTaTQpDQlDuKwS-wX7aXJLE27J5ByjEjedntb7gCI3Q-A4Tgqkvsy9AcKycl6MvksPImgizZesQyj9qfibN_x16w6_h6Q&sds=2&rev=89863&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 09:55:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 317B 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 317B 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3779 0
23 B 95ms
95ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2XFQ9v-HZbmTMZK-1fAPlo6HwAzXrJyCbsrq_Lz9EMCNtwEQASAAYPUFggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmoAwHIAwKqBOkBT9C9ptG3v-rG1wozUPYy4xqVPLZzNpb7wYmSJMbua5K7mVMO3ZLuyKmE8G_IUkqzAcVswuc4m-Zn4NkEBOfcP3TWBb8QJ66QD8A5hgGI0OANKv9CAdCzZAD323P3OwsCP30wNE19Vxt-45WKnX4sGlfjzcaFl53w0IseD9tIOiyuBOvC7H3IBE6jcVqqVXv5utgzhjbwXpC8tQdyIhhl2-Wq6Z_etFXeqqacI3Hox0OBmEXmlhszbJG01wNhtk-HJLAnRfSk7wVNA3gtMEGk-pwAZybBfzeIvbyxuBr3Uvl5RumwKRoYWVOABvqF-e-QpsK64gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYusvOi-engwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDA3MDUwMjQ5MzY1MzQ3NBgA&sigh=11nr5-pLEJA&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_pk_wG0QeGnVqVYC8GHkW7ZZuPCQdffMq_rQCIuKhMp7iHj9mZ9KCARknyzEgxrt_W7dlBKfgjz-JsSC_Tbi5lkqj96kAdwRl3BgB&cbvp=2&vis=1

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=90&adk=3669304273&adf=1363183586&w=728&lmt=1703411702&format=728x90&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702528&bpp=1&bdt=314&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4612&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Dec 2023 09:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Dec 2023 09:55:03 GMT

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/82123567-a242-11ee-a0a8-7b757e17da95/ZYf_9gAMSbkIFV8SAAHHFji1wPDfwXm2vgoP9A/ZK6COPOXZ7UZXM3LJBECMT677Q7TQBI3WATPP6JR2XVVHG4U4P7G6JU2ADLBX736P2D474A... Frame 3779 0
99 B 108ms
37ms Image
text/plain 213.227.153.222
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/82123567-a242-11ee-a0a8-7b757e17da95/ZYf_9gAMSbkIFV8SAAHHFji1wPDfwXm2vgoP9A/ZK6COPOXZ7UZXM3LJBECMT677Q7TQBI3WATPP6JR2XVVHG4U4P7G6JU2ADLBX736P2D474AUUD32SH57VR3VEJXMNHIPFAGFYSRXIGGEUW2FYBDVY6INB752WRNLUU2WZMAIRVIH73KU32BMELQR6MME5THLAMOWZQFUMXKCIMFMJAKLHMHEJCZABD6O6V2VK7SP4XNKKO3FITZZ24YZIBUUDPZZMLPFC7P5EJSSEYHPMUKZ52UF76S4OMKOJEFMPU3T6RSC5VQ3MCSJVSSXUL5KH4BUAP5QCEVIKAZS46XH7XNYVN4KTKAAWX2OPUQVNGN7AZ2WYGDTUMDI3VPDLT2XOBBRABEFDCIUECTSS5PTR32IKSISM2YWOAG2AD666J33HTAY3XZDJNGID643KUHEVK4VPCLH66YHPJTTGBP6XBQ3OZTDL4CY3FRF7RKS4EENHJGVEI3R5O6EQ4VLOJGSEYWUFF6PC5SUVHI326ZARUKEDF4A/?amtw=&cbvp=2
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 24 Dec 2023 09:55:03 GMT
Content-Length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 144ms
144ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ebcff6a5333fc1913c11890c8681b60592f802aead4cc0354ca786d351be56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56010
x-xss-protection: 0
server: cafe
etag: 15006334322659906156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:55:03 GMT

GET
H2 200 ca-pub-4070502493653474 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 187ms
81ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4070502493653474?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3bf23daef41ba20900e9c819b8750e86a8fff4c632fcec4912a74b86ed3933

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ThGH4i0C7t-G8Z1xG-j-Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ThGH4i0C7t-G8Z1xG-j-Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-ads.js Show response
www.google.com/adsense/search/ 142 KB
52 KB 102ms
38ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/async-ads.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d491fd9bf0607b4786419e2d1199b3fb7e7cab2fef39e7bfb2f5d4fc983253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "13458896677077541490"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sun, 24 Dec 2023 09:55:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 83ms
83ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&hl=en&pvc=3792896025820638

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame 317B 2 KB
808 B 34ms
31ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame 317B 2 KB
807 B 35ms
32ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 317B 17 KB
17 KB 136ms
68ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-4254"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 317B 17 KB
17 KB 140ms
82ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-42dc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:55:03 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 370 B
591 B 169ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=notes.io&client=partner-pub-4070502493653474&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

860d3c8ac9a8144b61d2799c7410a7c337b3d1326a230d60c1d5cf320f081e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A307 0
19 B 94ms
94ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUZLD9v-HZafYMNHtxgPc57Q4yZ7SsVzNhuPWkwHAjbcBEAEgAGD1BYIBF2NhLXB1Yi00MDcwNTAyNDkzNjUzNDc0yAEJqQJx9dySZnqyPqgDAcgDAqoE5gFP0PFzwkkOAgOvWDqIBYC-4HVq23JeyRhX7Tr_WCgDOrugvdOHE0pboxuYTQaeyAifkXwPV0o6RP-FWo1c8jGrZnbK9FWp0BBBrlPRqkJv6t_fLQsFhyrP8JQzk23sfK-RQI4tcawfHyo1p7tFX3rpgEkXEBIfVNTOBXqGN6ZyK5pJJfYTGS_pbLsGvnxowVK5AgqnD5A0Q7nxK3a7gSQNbZyCey5BhQbvXBzTLAg4MWkqmIt0f_9nA8pBoghHKmWqZax5RisjSjh2uT-8XvgP_PK4aEx3fsP8C0GaRiTYZXZOWlrSooAGo4nZrNr2yIZQoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPGNzovnp4MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQwNzA1MDI0OTM2NTM0NzQYAA&sigh=tkliRbzVZGk&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_kh7fS40U3OHyqVyndl-vK3Xx_Jwvx09izepippigQaYc_cW4PmmdWJdvLrCehRS1E0mNRyi10yw18DTyZKWiKyK27IFdVOhPDnIYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1703411702&rafmt=11&format=1200x200&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702525&bpp=3&bdt=311&idt=230&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3251519291353&frm=20&pv=2&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Dec 2023 09:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A307 0
126 B 856ms
467ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kLiJFrv6RLAJyAGdg2ICAgAAAEwOGgQudnLrEPb_h2ULbpr43tIXxDPXAAASAAAKCkFRVUJEd0VCRHc&wp=ZYf_9gAMLCcKcbbRAA0z3Cirf8HTuOYs4xne9A&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:04 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 153848
server: Kestrel
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2887 436 B
233 B 616ms
615ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3767030899&pi=t.aa~a.179182922~i.28~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0&nras=2&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=44

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7891da306ac63a5ed48ddb5476adaa268d6c1241a86fbad5d974aaf7482890c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58E8 436 B
232 B 249ms
249ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=2234306316&pi=t.aa~a.179182922~i.34~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280&nras=3&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=46

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48d13ae6ef32ad9084e71758fbf48eaa0668e743c8264f5bfb4418fc948b0799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D18 436 B
233 B 624ms
624ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=2065172108&pi=t.aa~a.179182922~i.50~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=2559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=47

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0212f39422ee353922b79ab5638bef808052bdc4ed98b043c84c0b39e4471491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC28 436 B
233 B 614ms
614ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=3471279378&pi=t.aa~a.179182922~i.54~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=3041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=49

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d20725aad04321073f5328493250d2fa52782c4464c1bc5a5cfcce7360cd651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95AA 436 B
233 B 598ms
597ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=236418961&pi=t.aa~a.179182922~i.58~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=3516&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&dtd=51

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68766a964820bd881f32abbe9e6ae7f592477b98b7579fe0a538df9f56a351ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0A3 436 B
233 B 595ms
595ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4070502493653474&output=html&h=280&adk=1660337510&adf=4274018217&pi=t.aa~a.179182922~i.62~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703411703&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7194745760&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&fwr=0&pra=3&rh=200&rw=1488&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411703673&bpp=1&bdt=1459&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D921c0f79e32c40bd%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg&gpic=UID%3D00000ce796ae7267%3AT%3D1703411702%3ART%3D1703411702%3AS%3DALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw&prev_fmts=1200x200%2C728x90%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=3251519291353&frm=20&pv=1&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=3991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&psts=AOrYGsnxNwBH9CLi8DxCK9D3zdGpjWuORDX0h9Js8teQBK6TuJoNdGblRk_145BfUNJj7x5ahzy6Q9yKc7wP%2CAOrYGsmzf6m1TkOw8hWy4CAPZk6rqwRSvH49wmnTGb1JFkhUbXz5l-nShMt_72f82RmKjJOi3KGCLzUC3C148HM9&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=6&fsb=1&dtd=52

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cca8d2464aacc00ff822ee7c3da38056e30bd03863dc29bc1ab2ab8c1747233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8F68 9 KB
4 KB 51ms
51ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 20276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Sun, 07 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWoGexm4mftMvMvUbwKTmgX6_oYzuSmLobPGQnFoScdJdmMJHufCKsED9qvx29aJSlYJzO4YuP9-wp8GNZhKSJcMJnDkEDdOf3m2p-jQ3G_rvp6mAt8Ps_znHUledh-F6cH5ipx4Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWoGexm4mftMvMvUbwKTmgX6_oYzuSmLobPGQnFoScdJdmMJHufCKsED9qvx29aJSlYJzO4YuP9-wp8GNZhKSJcMJnDkEDdOf3m2p-jQ3G_rvp6mAt8Ps_znHUledh-F6cH5ipx4Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNDExNzAzLDczMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ub3Rlcy5pby93dDd1VSIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

739735609cb88dd5336f847f9b9c4fb438ea137a885a6522d6c3b49b371a6a25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2kxInNN2n9zG-Re5Zv09Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-2kxInNN2n9zG-Re5Zv09Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aa.js Show response
q.adrta.com/ Frame B36A 887 B
1 KB 343ms
111ms Script
application/javascript 44.193.136.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/aa.js?cb=1703411702903
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.136.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-136-11.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9cc796557291951ae944d44bce7806779d323505c9194d7ff23d81de86dcd3ad

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 09:55:04 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B36A
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&wb=1&hdid=0
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&wb=1&hdid=0
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IBQNgynES2ikRagT15L8bWWH__c

170 B
409 B

131ms
51ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IBQNgynES2ikRagT15L8bWWH__c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:03 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IBQNgynES2ikRagT15L8bWWH__c
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B36A 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B36A 20 KB
8 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B36A 203 KB
64 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:55:03 GMT

GET
H2 200 aid:6587fff63dfccde406c60008;cid:2730832;arid:113020;c:ZYf_9gAMfNkIFVu8AA6aX-g-kxOORZvx5SaJsg;bexp:1800;uih:d0300f1c
wins-eu.sitescout.com/adx/px/ Frame B36A 43 B
267 B 118ms
33ms Image
image/gif 98.98.134.245
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins-eu.sitescout.com/adx/px/aid:6587fff63dfccde406c60008;cid:2730832;arid:113020;c:ZYf_9gAMfNkIFVu8AA6aX-g-kxOORZvx5SaJsg;bexp:1800;uih:d0300f1c
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.245 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:03 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 76AF05tZkaSOAN70.jpg
cdn01.basis.net/113100/113020/ Frame B36A 103 KB
103 KB 134ms
41ms Image
image/jpeg 41.63.96.2
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.basis.net/113100/113020/76AF05tZkaSOAN70.jpg
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-41-63-96-2.hhn.llnw.net
Software: AC1.1 /
Resource Hash: ba523ef2ddc495dff5bfb7ecea9908c2253ed776bf02c0d63775d48c7061c28e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
last-modified: Fri, 08 Dec 2023 19:02:20 GMT
server: AC1.1
age: 139929
content-type: image/jpeg
accept-ranges: bytes
content-length: 105329
x-llid: 9e4786be16b1622866038eb0992086d9

GET
H2 200 AGSKWxXsAhTelkhV2lOsFW7pjmWJklOhPqumwAUNFxDS7K_8xLpQ7-t9VkBAL4gO0oum6SHaUMVL7OMWcmK4bX_qU-ntz5VakL5aHQcG0yKNrHTYX5-z7ugS-X15bX8hZvAtdwYhim0_TQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 90ms
89ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXsAhTelkhV2lOsFW7pjmWJklOhPqumwAUNFxDS7K_8xLpQ7-t9VkBAL4gO0oum6SHaUMVL7OMWcmK4bX_qU-ntz5VakL5aHQcG0yKNrHTYX5-z7ugS-X15bX8hZvAtdwYhim0_TQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNDExNzAzLDgxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImRlIl0sImh0dHBzOi8vbm90ZXMuaW8vd3Q3dVUiLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

715503a82965fc4df696587bda692cf3f1640922a80a088457296b41a4b3d39a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X-T_M6Wgl5Um1LjdL7Hakw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-X-T_M6Wgl5Um1LjdL7Hakw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r.js Show response
q.adrta.com/ Frame B36A 110 B
316 B 115ms
115ms Script
application/javascript 44.193.136.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/r.js?v=23.000&rcb=715429&cb=1703411702903
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1703411702903
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.136.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-136-11.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a2cb4cf7f8dbb7af05983e4aec1a10679da31886d9752e7fe7793d7adc40bace

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 09:55:04 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame B36A 33 KB
12 KB 116ms
33ms Script
application/javascript 18.66.248.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=23.000
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1703411702903
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-112.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: o8Dqn2fSaANd7t63xhmbtoZe_cmSJAMf
content-encoding: gzip
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
date: Sun, 24 Dec 2023 04:59:20 GMT
last-modified: Sat, 28 Oct 2023 05:29:11 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 17769
x-amz-server-side-encryption: AES256
etag: W/"82b6743c32bc1214117ff9c6593e4ac5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hOZcvQqUuK1kFGtmIto4BIMGCV3_FdZC6Kbto-aSAUCY6wTcs3yNTw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A307 42 B
64 B 193ms
90ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFGOAz108mfaakEjHHPUbQzZTAmCyemgAYcrePoWsf5pHc1B73IQKhk6guPrUS-POjnHaoNZO3LaJhy-MHqxaADAbcOop-Npj3W7hNyKcvsCDv0mJAaddn&sig=Cg0ArKJSzFa5Nov-zsIVEAE&id=lidar2&mcvt=1003&p=0,0,200,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=549409105&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703411702768&rpt=582&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ipv6.adrta.com/ Frame B36A 132 B
247 B 536ms
165ms Script
text/javascript 2600:1f14:b4f:4b01:3851:4f93:66e2:747e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.adrta.com/?callback=_1703411704398

Requested by

Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:b4f:4b01:3851:4f93:66e2:747e Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3b7a36767b8a601e41892a5b3a4ab9480530d709439d83de30509798fe4777ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
content-type: text/javascript; charset=utf-8

GET
H2 200 i Show response
adrta.com/ Frame B36A 143 B
271 B 341ms
111ms Script
text/javascript 3.95.91.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=64385750&__aasv=23.001&__aaii=12577598759713568950&__aait=1703411704207&__aavz=-60&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=0&__aaag=0&__aahd=%7B%22chrome%22%3A1%7D&__aaax=0&__aaay=0&__aapf=0&__aaec=2&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aacb=1703411702903&__aaxf=185.195.71.221%2C%2010.1.1.43&__aaci=ss&paid=ss&avid=113020&caid=2730832&publisherId=pub-4070502493653474&kv5=1&plid=7254702&segment=&kv4=2a05%3Aad00%3Ab%3A%3A&kv14=&kv1=160x600&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=6587fff63dfccde406c60008&kv3=&kv55=1.0,1!google.com,pub-4070502493653474,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&kv2=https%3A%2F%2Fnotes.io%2Fwt7uU&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-4070502493653474%26fa%3D3%26ifi%3D10%26uci%3Da!a%26btvi%3D7&__aapr=https%3A%2F%2Fnotes.io&__aatu=https%3A%2F%2Fnotes.io
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.91.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-91-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fbcc6ef0fd4c7039e42ff37f6bf26ecf4621b08d313a2b9aa7a948a2444091ab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Sun, 24 Dec 2023 09:55:04 GMT
cache-control: no-cache
content-encoding: gzip
server: nginx
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 317B 0
127 B 41ms
40ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 09:55:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 67ms
66ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.9093911043477565

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-62Dc5lXUZfchZrQbAjtEyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-62Dc5lXUZfchZrQbAjtEyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 103ms
103ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.229280451210142

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9CUaesDoiAOPSXXVDU6xqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-9CUaesDoiAOPSXXVDU6xqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B36A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b14f30514515ba05a4d3c38a52df6b628f579789b5f7d30a1d91238b91ebce25

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B36A 0
19 B 94ms
94ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuKuQ9v-HZdn5Mby31fAP37S62AzMnsivbJC586qnEMCNtwEQASAAYN0EggEXY2EtcHViLTQwNzA1MDI0OTM2NTM0NzTIAQmoAwHIAwKqBOUBT9DAxKwangs12lAxkSJ-HYVjqoevQ8OnDQ_quFyqJ7mAsQVqslfPy4N8yXPr0wZrRMybLlmjzMNmmAaT9LfqIj0VoAExzz3Oanp6PArxR6YZSF8zN8XHDyP9QNLdpbUwuk4tlYzGMjcJzVqAUttWP0_i6tX0t84Plu7hrFqU1U0fuQWPa3fNa3Koc8xQ2ZxFndjaxSLVEKaYhexSuYgGFjWUdKnUVTkyp4vGGLAT1J-1oe5r70ZcR9SBR76IaU_9k34nZdM30I50BBf03JUkZR9huglO-zrcvgrHNNuHfKaAnFq4t4AGiuyR-pu--erhAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljxpc-L56eDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MDcwNTAyNDkzNjUzNDc0GAA&sigh=2Hm0PjJ3eg8&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_eh4Szfe3OaUUMIerGAhWCkjG5WZ_xJMJ0GiwZFgz1ZWVyeBJJOKyIUUyUgwTcpr4FojlNbq5rCYLUzMmTiVYPfa3JhJV73_1BIsYAQ&cbvp=2&vis=1

Requested by

Host: notes.io
URL: https://notes.io/wt7uU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Dec 2023 09:55:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 aid:6587fff63dfccde406c60008;cid:2730832;arid:113020;c:ZYf_9gAMfNkIFVu8AA6aX-g-kxOORZvx5SaJsg;bexp:1800;uih:d0300f1c&cbvp=2
wins-eu.sitescout.com/adx/win/ Frame B36A 0
197 B 33ms
33ms Image
text/plain 98.98.134.245
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins-eu.sitescout.com/adx/win/aid:6587fff63dfccde406c60008;cid:2730832;arid:113020;c:ZYf_9gAMfNkIFVu8AA6aX-g-kxOORZvx5SaJsg;bexp:1800;uih:d0300f1c&cbvp=2
Requested by: Host: notes.io
URL: https://notes.io/wt7uU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.245 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:04 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 i Show response
adrta.com/ Frame B36A 15 B
172 B 111ms
111ms Script
text/javascript 3.95.91.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=11256205&__aasv=23.001&__aaii=12577598759713568950&__aait=1703411704207&__aasi=1948142948400929144&__aast=1703411704093&__aavi=4568387213415966296&__aavt=1703411704093&__aavz=-60&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=609&__aahd=%7B%22chrome%22%3A1%7D&__aarf=3&__aart=610&__aaax=0&__aaay=0&__aasz=160x600&__aapf=1&__aaec=2&__aaup=2&__aaat=0&__aaae=0&__aaav=0&__aaas=606&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1703411702903&__aaxf=185.195.71.221%2C%2010.1.1.43&__aas21=2a05%3Aad00%3Ab%3A0%3A129%3A%3A1&__aas23=2a05%3Aad00%3Ab%3A0%3A129%3A%3A1%2C%2010.2.1.217&__aaci=ss&paid=ss&avid=113020&caid=2730832&publisherId=pub-4070502493653474&kv5=1&plid=7254702&segment=&kv4=2a05%3Aad00%3Ab%3A%3A&kv14=&kv1=160x600&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=6587fff63dfccde406c60008&kv3=&kv55=1.0,1!google.com,pub-4070502493653474,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&kv2=https%3A%2F%2Fnotes.io%2Fwt7uU&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-4070502493653474%26fa%3D3%26ifi%3D10%26uci%3Da!a%26btvi%3D7&__aapr=https%3A%2F%2Fnotes.io&__aatu=https%3A%2F%2Fnotes.io
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.91.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-91-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Sun, 24 Dec 2023 09:55:05 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 136ms
79ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xrdx0_s8qmapVy5zCKva0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xrdx0_s8qmapVy5zCKva0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notes.io
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 104ms
103ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c52545f2518d75ba5f9007fe0f054447ea120c5848a2489161709601d60ea79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12053
x-xss-protection: 0

POST
H3 204 rum Show response
notes.io/cdn-cgi/ 0
136 B 30ms
30ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://notes.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://notes.io/wt7uU
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://notes.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83a7f7747f6fbab1-MXP

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 09:55:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B53 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 69792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 14:31:53 GMT
expires: Sun, 22 Dec 2024 14:31:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E8AC 829 B
984 B 38ms
37ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7778a78a5cded3b78c27bc322f08153bd37563a77368c49348a4e3dcf54816b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QxZoRtZdPsviyJnS7SPpDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://notes.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QxZoRtZdPsviyJnS7SPpDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:55:05 GMT
expires: Sun, 24 Dec 2023 09:55:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B53 39 KB
15 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 14:31:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E8AC 0
0 84ms
83ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3792896025820638&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1B53 0
10 B 29ms
28ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ewBndw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sponsorad2. Show response
fundingchoicesmessages.google.com/f/AGSKWxXXyi5v96WSzosV_P_IeIxU7MW-tPcVK3PegGd8_I3V9gFcx_4h1GPaWhC5wSXeA9xXZt1JN7kbbxn_EOH4c8vlF6rdNsSylTXHPMZirwsvwJvzxnC5ZQLueDfVWea8NzQv_1g5Qk31hvY75ZT1xyQZmDs5U... 54 B
109 B 72ms
72ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXyi5v96WSzosV_P_IeIxU7MW-tPcVK3PegGd8_I3V9gFcx_4h1GPaWhC5wSXeA9xXZt1JN7kbbxn_EOH4c8vlF6rdNsSylTXHPMZirwsvwJvzxnC5ZQLueDfVWea8NzQv_1g5Qk31hvY75ZT1xyQZmDs5U5DChGfGVdz_XzvYxEYvxUWmyVC-DvBf/_/sponsorad2.?canp=adv_/msnadimg./3_ads./delivery/avw.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8d1b305e224725defcc0ae60271143157300653a2387c711d63f26abfbc48f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XqtgMFycTaFZLvtLfM5sbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-XqtgMFycTaFZLvtLfM5sbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 50ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 10:52:50 GMT

POST
H3 204 AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 40ms
39ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u4o1Rb0Hod-nIidB4ZWbEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u4o1Rb0Hod-nIidB4ZWbEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notes.io
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 40ms
40ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gbJAYsAiOcCK6Ca7ig27OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gbJAYsAiOcCK6Ca7ig27OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notes.io
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
54ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TL-eJp_Kh5oAMYjRFPp6Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-TL-eJp_Kh5oAMYjRFPp6Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notes.io
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 80ms
79ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-55UjnyPJ4_ILpmqwK42wIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-55UjnyPJ4_ILpmqwK42wIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://notes.io
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV7tLG62y7BYKQZBPSM-WjV7e66aEa8zJ29veysbmwYdCwqa4a2GQ98IQq0UQ5cpGngt5PeH0JexwNwdlnKqqj6mFrOm9hzx90YxOrF3T6kUdpA9bxdGPB5nL1wdq8tg7wVv7SGAA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV7tLG62y7BYKQZBPSM-WjV7e66aEa8zJ29veysbmwYdCwqa4a2GQ98IQq0UQ5cpGngt5PeH0JexwNwdlnKqqj6mFrOm9hzx90YxOrF3T6kUdpA9bxdGPB5nL1wdq8tg7wVv7SGAA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNDExNzA1LDcwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZGUiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ub3Rlcy5pby93dDd1VSIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

acf8312d8e35a75c70cbaa7fe5ccb4bbd248911862df1ac9118f82aef86bf089

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BPI9Qt-TpLSofeVbwneBcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-BPI9Qt-TpLSofeVbwneBcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWi9vqqKI8rOfq0vrIwInGqlCL2yiroljlwovVwsQ5aGIhcy5yksCuyQRBVSzWBTZQcoah0ou1gNePV1ty-dngW4C_GN44v7gQZvO4bEwIw1pA9bzNimFZEXfFvM1QpLYkobLHtWA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWi9vqqKI8rOfq0vrIwInGqlCL2yiroljlwovVwsQ5aGIhcy5yksCuyQRBVSzWBTZQcoah0ou1gNePV1ty-dngW4C_GN44v7gQZvO4bEwIw1pA9bzNimFZEXfFvM1QpLYkobLHtWA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2FQAgapdtHJjtNWuywECMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2FQAgapdtHJjtNWuywECMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://notes.io
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 74ms
74ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV_KIUKSRd4h6zrlc_nfqSm-Q92LshhwE9KLKag8xUjosxw1VgSvr5tY5mVBzLhENdvLG7noeCRx3F9_32dbv6VxeWLjLwmk-fPi_rop7QM7x5oljylkpDnKwXJbqHzS_GQMp5L3w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PBQIHYkunY7FS8iXryNVyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://notes.io/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 09:55:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PBQIHYkunY7FS8iXryNVyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://notes.io
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 86ms
85ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3792896025820638&bg=!OjmlOXbNAAY3kmNgF5I7ADQBe5WfOOjDV9bO4qMxJDNGcOiKIA5IZg0mKHRrkc-4gj1LbbycUYrgbIn3jK7jLOfGifu0AgAAAD1SAAAAAWgBB5kCvfoY8KIOMs9KECp_krxMAEx_1SoxUvvFYHTEQmGL9QreE6IvyzlcqU3-tEgFjInKoZPfY5TgvHH7ftLpHIP-Hz-_nAt7HReqb6N68iunQzNmrr2o6ocbPEBFwf3yLfYlZz9Fpr-5FQiDe9403k3pJWXcs_nyK2JnvRpLf2xLbfb3-Eebu_3HF1dVM5mn-OM8VRGY9N4SJQqWYre3d7aDfQXb1NSnveUXZMjeRJPeY7wVfgn1uOGvtep_aCE_Ue2jtNZO4fLkKWBzxynIyfPoWTtHlbphZVjk5zsljHnSoru9C5d_-hAIpLKpq8wAbYvK9V6qy6BSqOjbgyOnZq-i6wfwE4QRg7zwNuc0O1-q0kptrLwmCn43BiCRWLZHJF5P2zLEdBWMC4iPYQ-pJcMg2UqllvolVOnQSSDIkKxzdYNyh5v_5QaXbQCIkilkoMFQM5CkQ2JYyk_6Yj7a5ZxW6MxOlMvhnTiHU0xwQREivUvBxvM61GLW4qyRJ8dSpOoTRRtpyKT2lbAZx8sUcO__rEgbJ_3ce0tUEtE-JyJh2iRj4Yc9XMLvcwSeSN1mdJGODDwFO7sWAaW3Km77EJbFd7eH_PpEtW3mcH8FiUaly-kJ3CictqNMewL07CHCi16VQojI-3dRbFjQerfH9hKps-vhTb0_6Nf8yjb5_RE88a8gV1bhn0YU_vqKSFGHU9w4HvAh4mflcgY7uIVeOUp02flAOyMNGSNHBO-8FP8p8bzbLJL-NUDkw4jqqRRnwQ_eYTK51ogNQK4xqynHgTl9KFvkjxGtrXu-DNK0w_jH0iKrXwBZg4QMOz3FoaJQL7IN-w9qWnPy8ld1twx81vOZ67kr4uaF5xmlJ3kRgClx2aPL7K7JXxSpUnY6KCINrKmFkekk0DfCI6wNIFAasotc7BPFAkZ0SCQa4RBN5pg0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://notes.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B36A 42 B
64 B 88ms
88ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujNB4KhT2kUE5kwagxBD188ibmHe5IcyPitTL4P_gUT_H2fhXByx_9f5zV1ibu470PhMkniiGBApo9lLQBhwry-eq1HxqZyKn3nCZCiv9nOictzYffOFJF&sig=Cg0ArKJSzAE8ZYBHPZqoEAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703411703808&rpt=361&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 09:55:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
adrta.com/ Frame B36A 15 B
172 B 112ms
111ms Script
text/javascript 3.95.91.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=63529843&__aasv=23.001&__aaii=12577598759713568950&__aait=1703411704207&__aasi=1948142948400929144&__aast=1703411704093&__aavi=4568387213415966296&__aavt=1703411704093&__aavz=-60&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=609&__aahd=%7B%22chrome%22%3A1%7D&__aarf=3&__aart=610&__aaax=0&__aaay=0&__aasz=160x600&__aapf=1&__aaec=2&__aaup=3&__aaat=0&__aaae=0&__aaav=1&__aaas=1102&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1703411702903&__aaxf=185.195.71.221%2C%2010.1.1.43&__aas21=2a05%3Aad00%3Ab%3A0%3A129%3A%3A1&__aas23=2a05%3Aad00%3Ab%3A0%3A129%3A%3A1%2C%2010.2.1.217&__aaci=ss&paid=ss&avid=113020&caid=2730832&publisherId=pub-4070502493653474&kv5=1&plid=7254702&segment=&kv4=2a05%3Aad00%3Ab%3A%3A&kv14=&kv1=160x600&siteId=&kv7=8&kv15=ABOVE_THE_FOLD&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=6587fff63dfccde406c60008&kv3=&kv55=1.0,1!google.com,pub-4070502493653474,1!centro.net,8,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&kv2=https%3A%2F%2Fnotes.io%2Fwt7uU&__aapu=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-4070502493653474%26fa%3D3%26ifi%3D10%26uci%3Da!a%26btvi%3D7&__aapr=https%3A%2F%2Fnotes.io&__aatu=https%3A%2F%2Fnotes.io
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.91.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-91-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript;charset=ISO-8859-1
pragma: no-cache
date: Sun, 24 Dec 2023 09:55:06 GMT
cache-control: no-cache
server: nginx
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
notes.io/	1969-12-31 23:59:59	Name: PHPSESSID Value: i4uo1cl1v7ng8rfcrn09ejqtgi
.notes.io/	1970-01-21 02:46:11	Name: _ga_H0XVNMGVTV Value: GS1.1.1703411702.1.0.1703411702.60.0.0
.notes.io/	1970-01-21 02:46:11	Name: _ga Value: GA1.1.763161084.1703411703
.notes.io/	1970-01-21 02:31:47	Name: __gads Value: ID=921c0f79e32c40bd:T=1703411702:RT=1703411702:S=ALNI_MY9j_x1b-jGNOLJQ9QjAtgshFCoCg
.notes.io/	1970-01-21 02:31:47	Name: __gpi Value: UID=00000ce796ae7267:T=1703411702:RT=1703411702:S=ALNI_Mbm3zifSwEhb3Ig_0Qfl7zLa-MiPw
.doubleclick.net/	1970-01-21 02:46:11	Name: IDE Value: AHWqTUm5qYVCMxdr60yEzh2mVnsLser56-zXB3yC2NC-75mxNO5T2BnG9phZSLsQ3x8
.notes.io/	1970-01-21 02:31:47	Name: __gsas Value: ID=d43bbfbf264f0c64:T=1703411703:RT=1703411703:S=ALNI_MYQD6yMdhL6S-9PbPYPKRgJ2ryAPA
.sitescout.com/	1970-01-21 01:55:47	Name: ssi Value: 20140d83-29c4-4b68-a445-a813d792fc6d#1703411703903
.sitescout.com/	1970-01-20 17:53:23	Name: _ssuma Value: eyI2OCI6MTcwMzQxMTcwMzk0MX0
.adrta.com/	1970-01-21 02:46:11	Name: __aavi Value: 4568387213415966296
.adrta.com/	1970-01-21 02:46:11	Name: __aavt Value: 1703411704093
.adrta.com/	1969-12-31 23:59:59	Name: __aasi Value: 1948142948400929144
.adrta.com/	1969-12-31 23:59:59	Name: __aast Value: 1703411704093
.notes.io/	1970-01-21 01:55:47	Name: FCNEC Value: %5B%5B%22AKsRol8hdsEhjpgXLtpqdIkyuy74STtVJP9n7EwI9-9khP9kBDk5IcAzoaLvfpjCYavp-uT1AvLN-NprFOIdZxPU5Mb9ohA43zRbCD9cyLkT8sPm0PXCbd9h6aRzikdnNXbUskuPpb-Ss5NLAzDtZuxbrT5XsmXmrA%3D%3D%22%5D%5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4070502493653474&output=html&h=200&slotname=3868234696&adk=549409105&adf=954533980&pi=t.ma~as.3868234696&w=1200&fwrn=4&lmt=1703411702&rafmt=11&format=1200x200&url=https%3A%2F%2Fnotes.io%2Fwt7uU&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703411702525&bpp=3&bdt=311&idt=230&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3251519291353&frm=20&pv=2&ga_vid=763161084.1703411703&ga_sid=1703411703&ga_hid=577917265&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=194&ady=122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320238%2C31079438%2C31079714%2C31079964%2C31079979%2C31080103%2C95320885&oid=2&pvsid=3792896025820638&tmod=245286006&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=241 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.google.com/adsense/search/async-ads.js(Line 210) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
ads.eu.criteo.com
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
cat.nl3.eu.criteo.com
cdn01.basis.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
ipv6.adrta.com
notes.io
pagead2.googlesyndication.com
partner.googleadservices.com
pix.adrta.com
pixel-sync.sitescout.com
q.adrta.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
widgets.outbrain.com
wins-eu.sitescout.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
zem.outbrainimg.com
146.75.118.132
172.217.18.2
178.250.1.6
18.66.248.112
184.30.17.67
2001:4860:4802:34::36
213.227.153.222
213.227.153.223
2600:1f14:b4f:4b01:3851:4f93:66e2:747e
2606:4700::6810:3965
2606:4700::6811:190e
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9b
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a06:98c1:3121::3
3.95.91.14
41.63.96.2
44.193.136.11
98.98.134.242
98.98.134.245
011a1aebdf086c6cf9c92c114f9227ff687d51306256031e2029371d0ee4d97c
0212f39422ee353922b79ab5638bef808052bdc4ed98b043c84c0b39e4471491
04f4d53be8c040a227c2b64232ff8b1ce8de132b02273d391e615927e5f85eac
075cd9b26316c410afe04d54f0adfdfacf5586ada368d1f5ec061516e70ea7ca
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a51b3c32576974ef48aa7c6bc2cd9b881ff3f229c90aa4d7fe9983c4842bbdc
0b7935c3f61f35b3859886408bc60fee0849a674b7cf18a836b23e89db7f2c4d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
0cca8d2464aacc00ff822ee7c3da38056e30bd03863dc29bc1ab2ab8c1747233
0d20725aad04321073f5328493250d2fa52782c4464c1bc5a5cfcce7360cd651
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0ff68407b71ff03c432cca13da1e5296a765d3e91d2c3f18f356e4be99bebf1c
1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891
1d1a0d90b4cfb1d98abf3ecc7b4a372b8285f1a9d905d6587f5f14a16f67a1ba
1eed1d67d6a9d31f89ba331d090138d8ece3878c66e503cd748a71a8770b2e00
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d
2562cd4b9b6658553bde47cfa6285a9ff75e0e688aa11ffd18494dbac5750df6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
27ee29e8f92c3913ab60d79989625113a2a3778bfb0a1b00489c6b8d131e8e5c
2c7700b4f17c98726894ffd50bbb33856f758fc61f90ad86829ce84db18e1b10
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6bc396d110fdd03709c3abdff243d74ce8047aeb20b19869ec8582d0fa0c4f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ee7e6142b97c6fb2f0cb1bfc7b78f819d2ae4b851a7828c4a8ceb7d0685336
38d388d9c7ac8c0d5e4d6210314e98f5e888456e9ac87614b160c6d9098f07f1
3b7a36767b8a601e41892a5b3a4ab9480530d709439d83de30509798fe4777ee
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
41584fbff76e300573505bcd27aefcbbd8993f1762d5441299fe494d430a52de
42ae8ff6ab42a1788012299b4be64fa1571d1eab8c6d66be656d02ff10d4285e
46d72aae9d4a3d95505f41765ef9f541d3bde5b21ddfa63ca2ac5b9b2fed6003
48d13ae6ef32ad9084e71758fbf48eaa0668e743c8264f5bfb4418fc948b0799
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbcb3ac2b54766a4469f7cbaddab896205e86532bdb730e07ae2d21e2ed35cd
52ab32a502a79bcd4ebc6bc1755facd05754b9f9500d234c62a5471e07f4867f
530b140be7e578c5ab6f6c237c919ada37ef79232c39ca8aef547ed6338825d0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5e3483b903087992179e337c5b50d3d1768181543b2615915bb53529190fabee
5f7dfc5bafd3943b9b7e98dd6887a38f7b947bd45551acd4183f414a903474a4
60abefb68e8ee31093c223f34165e1c5b2ea1a27b5864f693f60c49b2d07ffcc
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cec35da28301108fc71bbdcfaf16bc6b6f320b94bff5937ec811e869dfd569
648f54c430d2c6a851bd1708961ccd63740adf397470750354a631b0350a77e4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67fd821b8cbf7173173b93ab14e85ec18d6a244a7f5d9389e8048f5d9c38fbdc
68766a964820bd881f32abbe9e6ae7f592477b98b7579fe0a538df9f56a351ce
6a9247786fa121a1efb13d4c1b1908ca31882ec3764eecf0364da233fd6e1fbc
6b3bf23daef41ba20900e9c819b8750e86a8fff4c632fcec4912a74b86ed3933
71409f8b486cef6225f67eddcbd21f2731ac72ccc82d3889e71a1cd53f43e09c
715503a82965fc4df696587bda692cf3f1640922a80a088457296b41a4b3d39a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
739735609cb88dd5336f847f9b9c4fb438ea137a885a6522d6c3b49b371a6a25
7891da306ac63a5ed48ddb5476adaa268d6c1241a86fbad5d974aaf7482890c8
7cd13946687442925b2383aeb0273086a585e5d3bc3733de296ca83528d34aa1
83e4efa73bc2c7a3edf7709f5674c5f351d6b5d398b48388ddfdbdcc890fe87d
84d8189e6ea9ef938931b17ed2e11a543356be0840e424c9f1e04ade2cc316bf
854a5cc12540c33c5d748da0b9bce95a25c72f9ef7fc4f92bbca033f8df835cc
860d3c8ac9a8144b61d2799c7410a7c337b3d1326a230d60c1d5cf320f081e03
86d45e218fa301b4e1f81d6ecad50c1a8f847e669aa2d9c91f0b487ceb56b67f
87e5bce0f9cb02b3849976db08535f08895614573931f8ff4ed32934ff786c2b
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e5b9418bd1477cbb686818accc2a39caae33da9a5ea8f25d18c26a9955fb90b
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
8ec07804f571b1a26149ea652468127a180ba6335509bb1bf2a99808e469e460
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
927aae7eaa3046904366f7b811e82e802f791f53071cc8d3c30dc12de0dd9cfb
93e37bf47869885c0a24760fa9b6b4701f167af8fa9cf25f46e92435bb395aa5
93ebcff6a5333fc1913c11890c8681b60592f802aead4cc0354ca786d351be56
9b90937bdac082504869f2e7f5ab0cdae955ca4081694733ffd27a521e90dbaf
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cc796557291951ae944d44bce7806779d323505c9194d7ff23d81de86dcd3ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2cb4cf7f8dbb7af05983e4aec1a10679da31886d9752e7fe7793d7adc40bace
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2e6f4e3b47708f456723686f7229139f65c9590fd610ad4483aa37ab623100e
a5ee2889a6667a9109444c3049d12b00e4d415039b49e07dfec29c91a2911a8d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7778a78a5cded3b78c27bc322f08153bd37563a77368c49348a4e3dcf54816b
a88d92e2876436beeb002b35dd4161535db42e6dd90ebd024ee57e96133fee01
a96bb3b367d8f7e4e5a1d4695b148646f7e26975c9cb155ec4f0b20a0a9d1e66
aa8d0a9541b493b851eb7895743b25b190eb124920d33b949898ae29d2c8275c
acf8312d8e35a75c70cbaa7fe5ccb4bbd248911862df1ac9118f82aef86bf089
afb2ca57a17df4ec594641ffa0ed6410fb85d072e8105affb26f03811edaafb3
b14f30514515ba05a4d3c38a52df6b628f579789b5f7d30a1d91238b91ebce25
b8d1b305e224725defcc0ae60271143157300653a2387c711d63f26abfbc48f6
ba523ef2ddc495dff5bfb7ecea9908c2253ed776bf02c0d63775d48c7061c28e
bf40f3d3dcd31f19de9a2b7da30d13d736eec2900d093fb4d6aa8eda2c2abd40
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c52545f2518d75ba5f9007fe0f054447ea120c5848a2489161709601d60ea79a
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b
cd1e65fd03eb5e219a3ea73711a044bbdba580de75e7d0108bc2ce2a99fd73fe
ce8d0d9355a24e71c7a88488af4498b4ff04ee1f101ed8b2200de9b31b3174e5
d138d1a17eea08d9800f3f569857130a5e90b0aa04b9cdfe22a32126fa97ef92
d6ab241fbbf7c976659bcaa9cbb5c1367d899b47ce4dcd25a58e633dfef1ea7e
d7a8ba21ccda994b2162bc01608b70f548f5ee0b577b4ef92043a24bc3e8cb2e
d976ed13a180b2f8babe70192b787533252166c03c147c85843d9d58f328095c
d9e7213bd1de2e07001870ec2470a3347053cd9066ee982022fb597ac5e6001e
db2ba4889dd6b787459213e432032ea294061cedf2b335b423c93e923d36472a
dd43d486434121095a1a87b10d00af75be9b3876da1b100cabdad4fc1ec08699
dea147b204d79e0b2e7be22298a3125aaf750d4df41e01e0c52acc0cb97f2d52
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1502116110773ebf467d200a9c3f5b2a12c6ff17610a0d1677407562585ef74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d491fd9bf0607b4786419e2d1199b3fb7e7cab2fef39e7bfb2f5d4fc983253
e676afbd0ddf8afafc01c7bf13e9ddeee39e6b662ae259f8266090cb785b927e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f57cfe8a95a48688f2f43be56518d6349c0b713e2e2e00df65dfff4253592002
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
fb00fe51694e9a062bdd78d55e256b8b9b512907f1f886c952b1e6184fa4f3f4
fbcc6ef0fd4c7039e42ff37f6bf26ecf4621b08d313a2b9aa7a948a2444091ab
fbd3c5938f018a95deb7c9d078d2fa48209f78516d0c5d1cf40bcad47ba2fb9d
fcbe61c8a75836204c74b660cc354dc661afcd19863640940795a901d606bd4d
fcfebc8c44f4bafecc91011df455412553173eb94caf02983686d201d8ee0dce

notes.io Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

99 %HTTPS

63 %IPv6

18 Domains

32 Subdomains

32 IPs

5 Countries

1373 kBTransfer

3113 kBSize

14 Cookies

4 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

notes.io Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

99 %
HTTPS

63 %
IPv6

18
Domains

32
Subdomains

32
IPs

5
Countries

1373 kB
Transfer

3113 kB
Size

14
Cookies

149 HTTP transactions
3 data transactions