URL: https://note1s.com/notes/1Q1F9MX
Submission: On April 02 via manual from US — Scanned from SG

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 40 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is note1s.com.
TLS certificate: Issued by R3 on March 2nd 2023. Valid for: 3 months.
This is the only time note1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
344 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
6 KB
4 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 3686
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 19603
156 KB
4 note1s.com
note1s.com
150 KB
3 gstatic.com
fonts.gstatic.com
31 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 90
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
88 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 357
32 KB
1 google.com.sg
adservice.google.com.sg — Cisco Umbrella Rank: 26990
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 980
601 B
1 traffic1s.com
traffic1s.com — Cisco Umbrella Rank: 285916
6 KB
1 volusion.com
cdn3.volusion.com — Cisco Umbrella Rank: 55662
189 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
44 KB
40 14
Domain Requested by
9 pagead2.googlesyndication.com note1s.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 note1s.com note1s.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 quantcast.mgr.consensu.org note1s.com
quantcast.mgr.consensu.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com note1s.com
cdnjs.cloudflare.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.com.sg pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 ajax.googleapis.com traffic1s.com
1 traffic1s.com note1s.com
1 cdn3.volusion.com note1s.com
1 www.googletagmanager.com note1s.com
1 fonts.googleapis.com note1s.com
40 18

This site contains links to these domains. Also see Links.

Domain
budtrader.com
mccormack-cotton.hubstack.net
pastelink.net
link1s.com
1shorten.com
kiemlua.com
Subject Issuer Validity Valid
note1s.com
R3
2023-03-02 -
2023-05-31
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
cdn3.volusion.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2022-12-09 -
2023-12-21
a year crt.sh
traffic1s.com
R3
2023-02-24 -
2023-05-25
3 months crt.sh
cmp.quantcast.com
R3
2023-02-13 -
2023-05-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.google.com.sg
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh

This page contains 7 frames:

Primary Page: https://note1s.com/notes/1Q1F9MX
Frame ID: 7F0D8D2CC66DEC8FB07EB9EE11C862EA
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 55FDCFC0CEBC87C97DE7B76865A735AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3452809526299067&output=html&adk=1812271804&adf=3025194257&lmt=1680450666&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnote1s.com%2Fnotes%2F1Q1F9MX&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680450665986&bpp=4&bdt=233&idt=212&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3909736433365&frm=20&pv=2&ga_vid=1023227573.1680450666&ga_sid=1680450666&ga_hid=47544215&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071267&oid=2&pvsid=3055560456651804&tmod=168327875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232
Frame ID: C95A0A743A10E6A809D94EF3F34D29BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-5770360435068495&output=html&h=250&slotname=5372077106&adk=3163036235&adf=3329483000&pi=t.ma~as.5372077106&w=300&lmt=1680450666&format=300x250&url=https%3A%2F%2Fnote1s.com%2Fnotes%2F1Q1F9MX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680450665990&bpp=3&bdt=237&idt=231&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909736433365&frm=20&pv=2&ga_vid=1023227573.1680450666&ga_sid=1680450666&ga_hid=47544215&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071267&oid=2&pvsid=3055560456651804&tmod=168327875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6rVUVYyvKe&p=https%3A//note1s.com&dtd=237
Frame ID: 3F56ADF6135F41A3B3885E53AD591444
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-5770360435068495&output=html&h=280&slotname=9311322114&adk=1971973793&adf=2975365663&pi=t.ma~as.9311322114&w=1200&fwrn=4&fwrnh=100&lmt=1680450666&rafmt=1&format=1200x280&url=https%3A%2F%2Fnote1s.com%2Fnotes%2F1Q1F9MX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680450665993&bpp=2&bdt=240&idt=236&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909736433365&frm=20&pv=1&ga_vid=1023227573.1680450666&ga_sid=1680450666&ga_hid=47544215&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071267&oid=2&pvsid=3055560456651804&tmod=168327875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AYmKGVBE0w&p=https%3A//note1s.com&dtd=239
Frame ID: 9D917992C5D53A1E0F8EB54525A43461
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D984CAFE15DF4E8D0101408BD4AC8EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8DDFF8B90B577F72AB04EBC594842C9
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Note: Buy a Discount Soccer Jersey to Root to your Team

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

88 %
IPv6

14
Domains

18
Subdomains

17
IPs

2
Countries

1067 kB
Transfer

2898 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1Q1F9MX
note1s.com/notes/
23 KB
10 KB
Document
General
Full URL
https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
e4660fbf1bae29c1a7e6b675aaef2c1eeb560cddfd20eba3f6303fdc1d26700c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=UTF-8
date
Sun, 02 Apr 2023 15:51:05 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-hw
1680450665.cds019.hk1.hn,1680450665.cds025.hk1.sc,1680450665.cds025.hk1.p
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
2 KB
924 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13fec3ec2c0627ac42565a8e76288112d98b6ab4085e680f18cc5292892fb0f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 13:55:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Apr 2023 15:51:05 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2666807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL%2F27TqqXgwtA7sm8TgSA7f%2BGOUzeGWgcsdPilwNOjKr34coUmQn%2Bi864UrclY9%2B8s%2FY8u3F3SRHbDOzAG7j53dflhPi%2Bhy%2FPqDbPcLvxBcw4gYRoD%2FKO0%2FC3yP54lVo88k%2BWAqx3LTUCnA81McntS5x"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b1a3b350d23401e-SIN
expires
Fri, 22 Mar 2024 15:51:05 GMT
app.css
note1s.com/css/
143 KB
28 KB
Stylesheet
General
Full URL
https://note1s.com/css/app.css?id=ebe28cb9d875b19bed6b
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/notes/1Q1F9MX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
last-modified
Sat, 26 Feb 2022 15:53:00 GMT
server
nginx
etag
W/"621a4cdc-23c92"
x-frame-options
SAMEORIGIN
x-hw
1680450665.cds019.hk1.hn,1680450665.cds029.hk1.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27999
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129758818-11
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdab2781c87c8f8251b7c4be4f31e137913a7dcd6d872095f5ae9c1f2e4ab04e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44930
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Apr 2023 15:51:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
138 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3452809526299067
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
485fd913936e20a8dc5bfe9f4e6b0f76546868c2d1637366b6480d93f4cefab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Origin
https://note1s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48342
x-xss-protection
0
server
cafe
etag
9434160075206842849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:51:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1540753690967677
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afe8e7e78f9ae01691ff40173e5e45ec2a1c6a9d06b21ef4f7d8a54814d49bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Origin
https://note1s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48443
x-xss-protection
0
server
cafe
etag
9297739110748167534
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:51:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5770360435068495
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ebab0f24b8207705096c1da64b3ae7f19e2b582bb614a40f1eae80e26b51c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Origin
https://note1s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48246
x-xss-protection
0
server
cafe
etag
4786828764838612679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:51:05 GMT
logo.png
note1s.com/images/
19 KB
19 KB
Image
General
Full URL
https://note1s.com/images/logo.png
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/notes/1Q1F9MX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
last-modified
Sat, 26 Feb 2022 15:53:00 GMT
server
nginx
etag
"621a4cdc-4d27"
x-frame-options
SAMEORIGIN
x-hw
1680450665.cds019.hk1.hn,1680450665.cds204.hk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19751
x-xss-protection
1; mode=block
TT-ADAH5144-MESSI-2.jpg
cdn3.volusion.com/goz35.avhz4/v/vspfiles/photos/
188 KB
189 KB
Image
General
Full URL
https://cdn3.volusion.com/goz35.avhz4/v/vspfiles/photos/TT-ADAH5144-MESSI-2.jpg
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Volusion
Resource Hash
1c335c9677066f2b1ac54957c66dda5bd7b61deb32bd933cfbb6d50a3baae12b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 google, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 02 Apr 2023 15:51:06 GMT
age
0
x-powered-by
Volusion
x-cache
HIT, MISS
content-length
192933
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100087-CHI, cache-qpg1262-QPG
last-modified
Thu, 23 Jun 2016 22:05:54 GMT
server
nginx
x-timer
S1680450666.913572,VS0,VE230
etag
"456e96699bcdd11:0"
x-download-options
noopen
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
1, 0
site.js
traffic1s.com/js/
22 KB
6 KB
Script
General
Full URL
https://traffic1s.com/js/site.js?v=7
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
185fd23ab6df7cfa0d894462d25bc189df9022dac83b93e3f712499cac67dba0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 13:05:14 GMT
server
nginx
etag
W/"6391e10a-5650"
x-hw
1680450665.cds025.hk1.hn,1680450665.cds212.hk1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
5493
app.js
note1s.com/js/
258 KB
93 KB
Script
General
Full URL
https://note1s.com/js/app.js?id=0e83dba9e8630f1a1f92
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/notes/1Q1F9MX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
last-modified
Sat, 26 Feb 2022 15:53:00 GMT
server
nginx
etag
W/"621a4cdc-40688"
x-frame-options
SAMEORIGIN
x-hw
1680450665.cds019.hk1.hn,1680450665.cds211.hk1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
94951
x-xss-protection
1; mode=block
cmp2.js
quantcast.mgr.consensu.org/tcfv2/23/
266 KB
68 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:3000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d7664a9bc1602bae1581a2bb4181109516fb2ae83e439e272954399a8adb12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 22:55:49 GMT
content-encoding
br
via
1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
60918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Fri, 18 Dec 2020 15:09:38 GMT
server
AmazonS3
etag
W/"c6ce2ec2de0e055e2cd4aa8901f10de9"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
CGiFIWM3kO9HHp0QCtXqAxDr4J619_xiXvS09takmPOhIFtE3EpNtw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: note1s.com
URL: https://note1s.com/notes/1Q1F9MX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f5c73de04671bc5e687249b6ed12cf5f39ce088773262114a88f741d6ca3903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48401
x-xss-protection
0
server
cafe
etag
10704818385427959726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:51:05 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://note1s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2052821
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6DMY93EWkwSQc5ZdkBq1QTg2qayMneL7RPAl5RnVviMgSDLTgS9B3KNjD39djkK0M2ECixZGM4YLt3llS2pUPJH8JHeHraLuciatAXqs%2B%2FrbLVvxIuTPvz4LPqBbxYdQ%2F%2FNaMzNvVsoJdDCckdCnMFh"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b1a3b35ea0b455f-SIN
expires
Fri, 22 Mar 2024 15:51:05 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://note1s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 11:30:13 GMT
x-content-type-options
nosniff
age
447652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 11:30:13 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: traffic1s.com
URL: https://traffic1s.com/js/site.js?v=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 23:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 23:22:12 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://note1s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:38:07 GMT
x-content-type-options
nosniff
age
450778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12736
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:38:07 GMT
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/
151 KB
36 KB
XHR
General
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:3000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept
application/json, text/plain, */*
Referer
https://note1s.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 03:00:29 GMT
content-encoding
br
via
1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
46237
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 02 Apr 2023 03:00:26 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
MR3dCMGyWcSXLIAPrbySQuXnfwjqzU_OmVllHyO_MSM81YX4BP6Hdw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Apr 2023 14:31:18 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4787
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 02 Apr 2023 16:31:18 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/
350 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1540753690967677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90be087e1440e94261387983cca7fea9c94c7d95610e9868f1d5453e43329953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119834
x-xss-protection
0
server
cafe
etag
6058309350326726537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Apr 2023 15:51:05 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://note1s.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 00:21:37 GMT
x-content-type-options
nosniff
age
55768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4252
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:27:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Apr 2024 00:21:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 55FD
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1540753690967677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
47819
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 02:34:07 GMT
etag
2378337311435320485
expires
Sun, 16 Apr 2023 02:34:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/
10 KB
3 KB
XHR
General
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:8600:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
152e7c5526b92a4bdc195f5d0186e79d1e7494bffea089229f3074434da7bea3

Request headers

Accept
application/json, text/plain, */*
Referer
https://note1s.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 03:00:39 GMT
x-amz-version-id
Q2dMm0LZtnIqBsDUTB8PNIsB16c9pwBC
content-encoding
br
via
1.1 0350bcc5158e7a7188f8505b95081286.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
46227
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 30 Mar 2023 19:52:29 GMT
server
AmazonS3
etag
W/"62fd667efe0c7268fc68ea18d1179e2b"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
5_TxkvXV4MF22hzstEY4yYWmrKi0lcyERXJNNoJuobEPyJRhfPtMlA==
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/
405 KB
49 KB
XHR
General
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:3000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a3f2f5497aad73b0c6813cfc9204b6b8a58a5db2e7b5b98a97988ec67ed687d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 03:00:36 GMT
content-encoding
br
via
1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
46231
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 02 Apr 2023 03:00:32 GMT
server
AmazonS3
etag
W/"e96fe653ba58259e87381c5a1711417a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
R3RT-XLrTndamRH0X3RMNopy9LhyddjI3h9_lyXHRhGryUCZqlKAbQ==
collect
www.google-analytics.com/j/
1 B
202 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=47544215&t=pageview&_s=1&dl=https%3A%2F%2Fnote1s.com%2Fnotes%2F1Q1F9MX&ul=en-us&de=UTF-8&dt=Note%3A%20Buy%20a%20Discount%20Soccer%20Jersey%20to%20Root%20to%20your%20Team&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=501768898&gjid=1547041669&cid=1023227573.1680450666&tid=UA-129758818-11&_gid=1970029946.1680450666&_r=1&gtm=457e33t0&jsscut=1&z=1988918494
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://note1s.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 15:51:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://note1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
387 B
601 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=note1s.com&callback=_gfp_s_&client=ca-pub-3452809526299067
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b50aa5d2c4ed653ce3df5a385e199be7d1e27f7c9b0cd2bbc1d9e0e45ea45ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com.sg/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.com.sg/adsid/integrator.js?domain=note1s.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=note1s.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C95A
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3452809526299067&output=html&adk=1812271804&adf=3025194257&lmt=1680450666&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnote1s.com%2Fnotes%2F1Q1F9MX&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680450665986&bpp=4&bdt=233&idt=212&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3909736433365&frm=20&pv=2&ga_vid=1023227573.1680450666&ga_sid=1680450666&ga_hid=47544215&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071267&oid=2&pvsid=3055560456651804&tmod=168327875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 15:51:06 GMT
expires
Sun, 02 Apr 2023 15:51:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3F56
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-5770360435068495&output=html&h=250&slotname=5372077106&adk=3163036235&adf=3329483000&pi=t.ma~as.5372077106&w=300&lmt=1680450666&format=300x250&url=https%3A%2F%2Fnote1s.com%2Fnotes%2F1Q1F9MX&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680450665990&bpp=3&bdt=237&idt=231&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3909736433365&frm=20&pv=2&ga_vid=1023227573.1680450666&ga_sid=1680450666&ga_hid=47544215&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071267&oid=2&pvsid=3055560456651804&tmod=168327875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6rVUVYyvKe&p=https%3A//note1s.com&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9a7cc93d6aa2b34188f81db2c97e928cd646e9f2623bfae09318b70d9de013c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 15:51:06 GMT
expires
Sun, 02 Apr 2023 15:51:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9D91
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-5770360435068495&output=html&h=280&slotname=9311322114&adk=1971973793&adf=2975365663&pi=t.ma~as.9311322114&w=1200&fwrn=4&fwrnh=100&lmt=1680450666&rafmt=1&format=1200x280&url=https%3A%2F%2Fnote1s.com%2Fnotes%2F1Q1F9MX&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680450665993&bpp=2&bdt=240&idt=236&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3909736433365&frm=20&pv=1&ga_vid=1023227573.1680450666&ga_sid=1680450666&ga_hid=47544215&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071267&oid=2&pvsid=3055560456651804&tmod=168327875&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cm%7CEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AYmKGVBE0w&p=https%3A//note1s.com&dtd=239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef5b292885352242dd60f2ca37d7ffd63142e4b7b0c9265b7aeb071ce420bbb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 15:51:06 GMT
expires
Sun, 02 Apr 2023 15:51:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230329&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
003eaadbb60377b65e80257e19d247d46be6824fe45b9a5e7080d31586f34ef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11352
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Apr 2023 15:51:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D98
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://note1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
73814
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 19:20:52 GMT
expires
Sun, 31 Mar 2024 19:20:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C8DD
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
85b25b4e040d04dcdb0e0c812262bf5234afc11256745c8415d2a90fc3ca13ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hELOHSG8d6TrWlYmTPGUdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://note1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-hELOHSG8d6TrWlYmTPGUdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 02 Apr 2023 15:51:06 GMT
expires
Sun, 02 Apr 2023 15:51:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
pagead2.googlesyndication.com/bg/ Frame 8D98
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 00:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
487363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14116
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 00:28:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C8DD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230329&jk=3055560456651804&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 8D98
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?V3WyFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 15:51:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230329&jk=3055560456651804&bg=!ExClEETNAAbEgrg45II7ADkAdvg8Wn9lIXzj8J6fcCPWKWgouB0yHdfPSpX7Uy_ZzZm5h0nqIwPHbQ4ZKWxlVH1-TEyz3uLVPCMCAAAAVFIAAAAEaAEHmQKjcNPkzB2iFPR4C511ktwkaPVspNwyfF5qFlTtIyTn8rvBEB2RXcC2Ql-Sq1gsg2s-se6pRjUFgFFym9hZhvB7tBMr3NzVnsJv-Pu56OuMVqgvHYzTiW10aCIRacoJanB7HyghkmMj25pq6iByQApDxni2KhaAIX402hqOBftra2H9vF34s-uCtWTP5Mwt5kDc-HoehWqianMkVL2XSnMDAbHvdNzuWTkFqaLVPaEvK02jiZrI8ylnseJN5iQ-lPZba_udf6mpGSWd3K_uJEA5CJ7TpwsvL9Ny8NiewBVBkYTaRu6YSaLqefhede-GtBmHH8t-Pb0HaTZPx8lOovb9CPhrokaO36u5FygwCjBv0vfdZKFoO8GJ6HtvXP7V0sc-VEZ1w5fnlEb9Jk7ZA-ObzBaelWV5SZQmpDEUFK5Cjw_4nZk3g6Gn0cnGyZiXfWGPkaCM7PKIC5zh8TUlbwmbMoCR6V7OlOvcE4weeHyrxoUiU5bq4vVZj4NoLw02cWXs_fqwWXz22Sqs7twNsg22iRGyTBvHCUFEPP5XQ23VG1B1aud6PSzneGxOpR7N93SlSDZJwSrLzCq2GXmErHdiJq0UdCR62SO5SJXxzeTNQ4sHZUxdFLdjWzwx9eJPWeJdivFdmbxjYXa-kA0KiE3wkzogKt211zU3aqwcp-at_MxR-PBhdmuoNSMI7VO4UO_x4k0lSGK7kIv5OcnDBhKAUZd-MVhH1tasID7fjTH5QXhdakVTxwG7XrdGsoDC0ShPsZPyQAzlImy_qnqhEwa5L9MKCj_Q0DphW6OMUz769tay8_HuZ0YEPyCcYeOldZHqO6Me5LuV5865YQ8f6KekJ_jwmEPMoUAlpPOEga3a_7Mklx7Y5b4dWyk292gHzTZfSv5K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://note1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless function| gtag object| dataLayer function| __tcfapi function| __uspapi object| adsbygoogle object| _0x947c object| initTrafficScript string| traffic_domain number| traffic_wait_time boolean| traffic_click boolean| traffic_blurred string| hidden string| traffic_countdown_id object| traffic_countdown_component object| google_tag_manager object| google_tag_data object| regeneratorRuntime function| __tcfapiui string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery function| _ function| Popper function| axios object| gaplugins object| gaGlobal object| gaData number| width number| height object| jscd function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
note1s.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InlKV2pXL0toN0t6ZzNQS00zRDQ0Zmc9PSIsInZhbHVlIjoidUpqVExkcW9VN3Q4MzRUSURkWDlYWnlla0VXWGNsdmN3NUt3b0hQL0MvY3RhSTBzQzB4VFdpSGNYM2diR2hFVU9haWx5RTkvWUtrcFN0K2lFWWR2T05xT1kxQ3Boc0l6dTlFTGR1Y0k2K3luckV3aFpxQ1gyaUs0bWFOL1QySHUiLCJtYWMiOiI3MjE2ZDIyNWEwM2Y4NjEwZmZhYmIwMjRiNTQyNjczZmEyODdhYWY3Yjc2ZDIxZDJhM2YxZjYzMmEyZjMwYzBiIn0%3D
note1s.com/ Name: online_notepad_take_notes_and_earn_money_at_note1scom_session
Value: eyJpdiI6IjVFV0FMblZ3NlRMaGpyVU5WMStQWXc9PSIsInZhbHVlIjoiSzNXVW93YWkrSU5Db1JuRmJ5eGk4VnhIcXUycWdBNURReFJlSzE5TjNLUlhnSHlldnFoZUx3ZTdlQktFaDZvbTRsZGlWcmg1dGJqU2hNRnBGL0lMa3BuOFVKYzlETVY4Q1hCWTNDWGtnQWx5MGRjb2FMQ0IrOGQvNklrSzRlVm8iLCJtYWMiOiIyN2I5ZjlkMmEwNjcxZGJiODk1ZGRjNDI1MWZjNzk2MzU4OGM3OWUwZjRhY2Q5MzRjN2E0ZTExYzZmOGVkZjMyIn0%3D
.note1s.com/ Name: _ga
Value: GA1.2.1023227573.1680450666
.note1s.com/ Name: _gid
Value: GA1.2.1970029946.1680450666
.note1s.com/ Name: _gat_gtag_UA_129758818_11
Value: 1
.note1s.com/ Name: __gads
Value: ID=81dea8e7510c1715-2295194df2dc00fa:T=1680450666:RT=1680450666:S=ALNI_Mag8oJF4Db4sx0FKQ22p9ugL4oIPA
.note1s.com/ Name: __gpi
Value: UID=00000beb6869cd1f:T=1680450666:RT=1680450666:S=ALNI_Ma67VJBFNK0e-1QEr-xtuHju3Bw3A
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
security warning URL: https://note1s.com/notes/1Q1F9MX
Message:
Mixed Content: The page at 'https://note1s.com/notes/1Q1F9MX' was loaded over HTTPS, but requested an insecure element 'http://cdn3.volusion.com/goz35.avhz4/v/vspfiles/photos/TT-ADAH5144-MESSI-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://note1s.com/notes/1Q1F9MX(Line 223)
Message:
Mixed Content: The page at 'https://note1s.com/notes/1Q1F9MX' was loaded over HTTPS, but requested an insecure element 'http://cdn3.volusion.com/goz35.avhz4/v/vspfiles/photos/TT-ADAH5144-MESSI-2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.sg
ajax.googleapis.com
cdn3.volusion.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
note1s.com
pagead2.googlesyndication.com
partner.googleadservices.com
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
traffic1s.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
151.101.1.38
151.139.128.10
2404:6800:4003:c00::68
2404:6800:4003:c02::9c
2404:6800:4003:c03::5e
2404:6800:4003:c03::64
2404:6800:4003:c03::9b
2404:6800:4003:c04::61
2404:6800:4003:c04::9d
2404:6800:4003:c05::5f
2404:6800:4003:c05::84
2404:6800:4003:c06::9b
2404:6800:4003:c0f::5f
2404:6800:4003:c0f::9d
2600:9000:229f:3000:9:46dc:4700:93a1
2600:9000:23d2:8600:3:a4cd:8380:93a1
2606:4700::6811:180e
003eaadbb60377b65e80257e19d247d46be6824fe45b9a5e7080d31586f34ef4
13fec3ec2c0627ac42565a8e76288112d98b6ab4085e680f18cc5292892fb0f9
152e7c5526b92a4bdc195f5d0186e79d1e7494bffea089229f3074434da7bea3
185fd23ab6df7cfa0d894462d25bc189df9022dac83b93e3f712499cac67dba0
1c335c9677066f2b1ac54957c66dda5bd7b61deb32bd933cfbb6d50a3baae12b
1ebab0f24b8207705096c1da64b3ae7f19e2b582bb614a40f1eae80e26b51c8a
1f5c73de04671bc5e687249b6ed12cf5f39ce088773262114a88f741d6ca3903
2b50aa5d2c4ed653ce3df5a385e199be7d1e27f7c9b0cd2bbc1d9e0e45ea45ef
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
485fd913936e20a8dc5bfe9f4e6b0f76546868c2d1637366b6480d93f4cefab8
4a3f2f5497aad73b0c6813cfc9204b6b8a58a5db2e7b5b98a97988ec67ed687d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
85b25b4e040d04dcdb0e0c812262bf5234afc11256745c8415d2a90fc3ca13ae
8b5da51cc7922a21ec9681c479cb6709d39d388235a4570c7f626ddd6174485d
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
90be087e1440e94261387983cca7fea9c94c7d95610e9868f1d5453e43329953
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9f726a0127ce218459cccfbec762795e5897b91c4c3ed3aa653b982c2f35fbfc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
afe8e7e78f9ae01691ff40173e5e45ec2a1c6a9d06b21ef4f7d8a54814d49bf8
b3d7664a9bc1602bae1581a2bb4181109516fb2ae83e439e272954399a8adb12
bb4e5956f130d6375ce85ca1225536f8852c4ca5b16ee74cb882ee40a4cbedd2
c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cdab2781c87c8f8251b7c4be4f31e137913a7dcd6d872095f5ae9c1f2e4ab04e
d9a7cc93d6aa2b34188f81db2c97e928cd646e9f2623bfae09318b70d9de013c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4660fbf1bae29c1a7e6b675aaef2c1eeb560cddfd20eba3f6303fdc1d26700c
ef5b292885352242dd60f2ca37d7ffd63142e4b7b0c9265b7aeb071ce420bbb6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e