gpnotebook.com Open in urlscan Pro
2606:4700:10::6814:b70a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gpnotebook.co.uk/simplepage.cfm?ID=x20090214074356749131
Effective URL:
https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Submission Tags: falconsandbox
Submission: On November 13 via api (November 13th 2020, 6:22:45 am UTC) from US

Summary HTTP 63 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 63 HTTP transactions. The main IP is 2606:4700:10::6814:b70a, located in United States and belongs to CLOUDFLARENET, US. The main domain is gpnotebook.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.

This is the only time gpnotebook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	82.145.41.200 82.145.41.200	20860 (IOMART-AS) (IOMART-AS)
10	2606:4700:10:... 2606:4700:10::6814:b70a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	212.124.124.59 212.124.124.59	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
7	2600:9000:214... 2600:9000:214f:1e00:1:aeb5:c440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2600:9000:20a... 2600:9000:20ae:c000:11:f92e:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:eb:... 2a02:26f0:eb:3b3::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
63	21

1 82.145.41.200 (United Kingdom) 1 redirects

ASN20860 (IOMART-AS, GB)

www.gpnotebook.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6814:b70a (United States)

ASN13335 (CLOUDFLARENET, US)

gpnotebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 212.124.124.59 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., ES)

servonlin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:214f:1e00:1:aeb5:c440:93a1 (United States)

ASN16509 (AMAZON-02, US)

consent.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20ae:c000:11:f92e:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:3b3::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cookiefirst.com consent.cookiefirst.com static.cookiefirst.com	85 KB
11	servonlin.com servonlin.com	20 KB
10	gpnotebook.com gpnotebook.com	146 KB
4	google-analytics.com www.google-analytics.com	78 KB
4	facebook.net connect.facebook.net	152 KB
3	google.de www.google.de	732 B
3	google.com www.google.com	732 B
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	facebook.com www.facebook.com	523 B
2	licdn.com snap.licdn.com	3 KB
2	googletagmanager.com www.googletagmanager.com	91 KB
1	t.co t.co	448 B
1	twitter.com analytics.twitter.com	651 B
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	googlesyndication.com pagead2.googlesyndication.com	45 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	gpnotebook.co.uk 1 redirects www.gpnotebook.co.uk	331 B
63	20

	Domain	Requested by
11	servonlin.com	ajax.cloudflare.com servonlin.com
10	gpnotebook.com	gpnotebook.com ajax.cloudflare.com
7	consent.cookiefirst.com	ajax.cloudflare.com consent.cookiefirst.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	static.cookiefirst.com	consent.cookiefirst.com
4	connect.facebook.net	gpnotebook.com connect.facebook.net
3	www.google.de
3	www.google.com
2	www.facebook.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	1 redirects
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googletagmanager.com	gpnotebook.com www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	extend.vimeocdn.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	ajax.cloudflare.com	gpnotebook.com
1	www.gpnotebook.co.uk	1 redirects
63	23

This site contains links to these domains. Also see Links.

Domain
gpnotebooktv.com
gpnotebookpodcast.com
events.gpnotebookeducation.com
www.gpnotebookeducation.com
signup.gpnotebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
servonlin.com Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
*.cookiefirst.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-16` - `2021-12-15`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Frame ID: 2D21AEAF1809A1FFA08B7DDB186DDB72
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.gpnotebook.co.uk/simplepage.cfm?ID=x20090214074356749131 HTTP 301
https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131 Page URL

Detected technologies

CFML (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

63
Requests

100 %
HTTPS

70 %
IPv6

20
Domains

23
Subdomains

21
IPs

6
Countries

650 kB
Transfer

2037 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://gpnotebooktv.com/
Title: TV

Search URL Search Domain Scan URL

URL: https://gpnotebookpodcast.com/
Title: Podcast

Search URL Search Domain Scan URL

URL: https://events.gpnotebookeducation.com/
Title: Study Groups

Search URL Search Domain Scan URL

URL: https://www.gpnotebookeducation.com/GPnotebook-Shortcuts
Title: Shortcuts

Search URL Search Domain Scan URL

URL: https://signup.gpnotebook.com/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://signup.gpnotebook.com/reviews/
Title: Testimonials

Search URL Search Domain Scan URL

URL: https://signup.gpnotebook.com/advertise-with-us/
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://signup.gpnotebook.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://signup.gpnotebook.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://signup.gpnotebook.com/terms-conditions/
Title: Terms and conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gpnotebook.co.uk/simplepage.cfm?ID=x20090214074356749131 HTTP 301
https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472857&time=1605248549916&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1472857%26time%3D1605248549916%26url%3Dhttps%253A%252F%252Fgpnotebook.com%252Fsimplepage.cfm%253FID%253Dx20090214074356749131%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472857&time=1605248549916&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&liSync=true

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request simplepage.cfm Show response
gpnotebook.com/
Redirect Chain

http://www.gpnotebook.co.uk/simplepage.cfm?ID=x20090214074356749131
https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131

46 KB
7 KB

294ms
250ms

Document
text/html

2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32a19d5800324e8cd78b1a7ed5e80aaa4efe659d3f258939688d4204bb7d5013

Request headers

:method: GET
:authority: gpnotebook.com
:scheme: https
:path: /simplepage.cfm?ID=x20090214074356749131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 13 Nov 2020 06:22:29 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=dc782cf53dbfbc761b7952b5243db74b01605248549; expires=Sun, 13-Dec-20 06:22:29 GMT; path=/; domain=.gpnotebook.com; HttpOnly; SameSite=Lax ACCESS_COOKIE=;Path=/;Expires=Fri, 20-Nov-2020 06:02:56 UTC ACCESS_COUNTRY=;Path=/;Expires=Fri, 20-Nov-2020 06:02:56 UTC PAGE_COUNT=1;Path=/;Expires=Sat, 14-Nov-2020 06:02:56 UTC USERID=x13-Nov-2006%3A22%20AM568700190;Path=/;Expires=Fri, 20-Nov-2020 06:02:56 UTC PAGE_COUNT=1;Path=/;Expires=Sat, 14-Nov-2020 06:02:56 UTC HISTORY=dolls%20eye%20reflex;Path=/;Expires=Fri, 20-Nov-2020 06:02:56 UTC LAST_PAGE=x20090214074356749131;Path=/ CLINICAL_CHAPTER=99;Path=/ PAGECOUNTTOP=0;Path=/ KEYWORDCOUNTTOP=0;Path=/
cf-cache-status: DYNAMIC
cf-request-id: 0661de1978000038beb1062000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f166608cad438be-VIE
content-encoding: br

Redirect headers

Date: Fri, 13 Nov 2020 06:02:56 GMT
Server: Apache/2.4.34 (Red Hat) OpenSSL/1.0.1e-fips PHP/5.6.25
Location: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Content-Length: 270
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 style.css
gpnotebook.com/css/ 174 KB
32 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gpnotebook.com/css/style.css
Requested by: Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e16e9c53d3e3dbc88230a96636e8a5848abf1e5d0c7189325dc74fa8612abfb2

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Nov 2020 13:29:31 GMT
server: cloudflare
age: 50
etag: W/"2b686-5b3e8e6e600b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5f16660a5d5338be-VIE
cf-request-id: 0661de1a7b000038bed52ce000000001

GET
H2 200 gpn-logo.svg
gpnotebook.com/images/2020/ 8 KB
3 KB 18ms
17ms Image
image/svg+xml 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpnotebook.com/images/2020/gpn-logo.svg
Requested by: Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e745033f30e6c6f63574a7a96829fccc0920117075ea3f47cf8d7257b3fc8b

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 25 Oct 2020 11:17:02 GMT
server: cloudflare
age: 50
etag: W/"21ca-5b27cf3f84827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 5f16660a5d5438be-VIE
cf-request-id: 0661de1a7b000038bec22a6000000001

GET
H2 200 new-ico.png
gpnotebook.com/images/2020/ 22 KB
23 KB 17ms
16ms Image
image/png 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpnotebook.com/images/2020/new-ico.png
Requested by: Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c52afcd515e921d5ab6a45dcfb4a277961206a328fc393c4de8bd498f903c809

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
cf-cache-status: HIT
age: 50
cf-polished: origSize=31794
status: 200
content-length: 22999
cf-request-id: 0661de1a7b000038beb5120000000001
last-modified: Sun, 25 Oct 2020 11:17:02 GMT
server: cloudflare
etag: "7c32-5b27cf3f8b96f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5f16660a5d5638be-VIE
cf-bgj: imgq:100,h2pri

GET
H2 200 GPnotebook.svg
gpnotebook.com/images/2020/ 4 KB
2 KB 19ms
19ms Image
image/svg+xml 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpnotebook.com/images/2020/GPnotebook.svg
Requested by: Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561ec464d8b8a40f3c5b80f2f3593e2e5fae56d02b510e22f5d50075c6debdf0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 25 Oct 2020 11:17:02 GMT
server: cloudflare
age: 50
etag: W/"e65-5b27cf3f8349f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 5f16660a5d5738be-VIE
cf-request-id: 0661de1a7c000038bed431e000000001

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 43ms
16ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
vary: Accept-Encoding
cf-request-id: 0661de1a9600000f8a4c1ec000000001
last-modified: Mon, 09 Nov 2020 16:26:32 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fa96db8-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8M2FBKjePJHr%2Bl%2BgvEGWS8RZJb1QS0D4HKKVQ7fEpcyDhkdQJLlS93lvmNvaZhADNarx299jjGhOlc8ivmlmR7%2FxLEaWlxEV3mA6yI7OcXOh5TnXdAZl673dqHTUMayI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5f16660a8a980f8a-VIE
expires: Sun, 15 Nov 2020 06:22:29 GMT

GET
H2 200 GPnPro.svg
gpnotebook.com/images/2020/ 5 KB
2 KB 17ms
16ms Image
image/svg+xml 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gpnotebook.com/images/2020/GPnPro.svg
Requested by: Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe4b78423a8ecd4ef47b633ceabd09bd8cff564a343657f691512ab651c7e34

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 25 Oct 2020 11:17:02 GMT
server: cloudflare
age: 50
etag: W/"122b-5b27cf3f824ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=14400
cf-ray: 5f16660a6d5c38be-VIE
cf-request-id: 0661de1a7e000038beb1072000000001

GET
H2 200 simplepage.js Show response
gpnotebook.com/js/ 2 KB
846 B 17ms
16ms Script
text/javascript 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gpnotebook.com/js/simplepage.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb56283f42d6749eecc16a56bf14d1cbefd0239927dec29e413c1fe473107e76

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Nov 2020 13:29:31 GMT
server: cloudflare
age: 50
etag: W/"689-5b3e8e6e5f500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5f16660bbf7638be-VIE
cf-request-id: 0661de1b50000038bec693e000000001

GET
H2 200 bundle.js Show response
gpnotebook.com/js/ 279 KB
76 KB 27ms
25ms Script
text/javascript 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gpnotebook.com/js/bundle.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 228e1e5bfa6a6389b27ba06820b1e72f32ca3c6cb7d7d3a5e54a2a0ac56b58a8

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Nov 2020 13:29:31 GMT
server: cloudflare
age: 50
etag: W/"45be6-5b3e8e6e5d9a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5f16660bbf7938be-VIE
cf-request-id: 0661de1b51000038bead2ea000000001

GET
H/1.1 200 20681189.js Show response
servonlin.com/ 35 KB
13 KB 565ms
127ms Script
application/javascript 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://servonlin.com/20681189.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 5a05925cdc557f2553f0d1e0205016a177b768da26620d7c7f28fbc02dc31c52

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:30 GMT
content-encoding: gzip
transfer-encoding: chunked
accept-ranges: bytes
etag: "05362daa3e5494ce41b20da04e24f3b77"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 banner.js Show response
consent.cookiefirst.com/ 530 B
950 B 30ms
6ms Script
application/javascript 2600:9000:214f:1e00:1:aeb5:c440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:1:aeb5:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c413d96f1228261053fce0b8e38e177109de47dbabc4a12ba98da5e5fa18a22e

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 15:58:03 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
age: 1175067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 530
last-modified: Fri, 30 Oct 2020 15:57:56 GMT
server: AmazonS3
etag: "095d0fb6f02a96b09fa618c379a30249"
x-amz-version-id: Sf2xUESgjmoa2tWMVlXLEy.CCNqQ.mFE
cache-control: max-age=300, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: lzxJUuE5MEulLeNqG5azI-NPkCiF704H5u6614wmbet3TSIExPgWkQ==

GET
H2 200 AC_ActiveX.js Show response
gpnotebook.com/ 2 KB
654 B 19ms
18ms Script
text/javascript 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gpnotebook.com/AC_ActiveX.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c01e25a6217059ac1a800b628e94e71969c9901a71b160cda98a1ccdbb6701

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Mar 2018 17:34:00 GMT
server: cloudflare
age: 50
etag: W/"809-566adbb38f200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5f16660bbf7e38be-VIE
cf-request-id: 0661de1b52000038beaea39000000001

GET
H2 200 AC_RunActiveContent.js Show response
gpnotebook.com/ 3 KB
1 KB 16ms
16ms Script
text/javascript 2606:4700:10::6814:b70a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gpnotebook.com/AC_RunActiveContent.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b70a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f39e8dfdb159f1ebebd11c9932abc649b7fb261384a943f675f9b70da2e5d6d

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Mar 2018 17:34:00 GMT
server: cloudflare
age: 50
etag: W/"ca1-566adbb38f200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5f16660bbf7f38be-VIE
cf-request-id: 0661de1b52000038beb0a48000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
53 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH

Requested by

Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca8ae591958a50c1ca10d4fbe8a0a94639fdea684b9596756bd113d2ea54c298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54188
x-xss-protection: 0
last-modified: Fri, 13 Nov 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Nov 2020 06:22:29 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f139aa55048f20434bef5b631e870301eda2f8981f6cc522ab92adf4918a10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NtbxwAHuLYn6TCWEoeBV1g==
status: 200
cross-origin-resource-policy: cross-origin
expires: Fri, 13 Nov 2020 06:39:06 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "5886d239366e84561b8ab806c8d71998"
x-fb-debug: FKinLUC6IkE8aR+5m72+aspbZZBxV7yhsgyGjtUWNyktbZyugv8UauqaP0rjx8y8FpoV4GZS5Yr6/WzPmunqmg==
x-fb-trip-id: 664085054
x-fb-content-md5: aab2d3245766fc9d3c6ba759dd6c1a31
date: Fri, 13 Nov 2020 06:22:29 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 1.9881.js Show response
consent.cookiefirst.com/static/js/ 3 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:214f:1e00:1:aeb5:c440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/static/js/1.9881.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:1:aeb5:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08546bfe151a71325a04d61953faa72ea99e2b3c70b39409abb37717569fed66

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 15:58:04 GMT
content-encoding: gzip
age: 1175066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 30 Oct 2020 15:57:57 GMT
server: AmazonS3
etag: W/"0e6deb694ae60abf7ba5185bc7cc257e"
vary: Accept-Encoding
x-amz-version-id: zSqk99k4rHZCYcdCDAzzkqFqYG._I.G9
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: ge5kWl84I3qIuroMTkoWTYcewmQ9plkWjeTKITwrch8WjVxWys7r_Q==

GET
H2 200 2.28f1.chunk.js Show response
consent.cookiefirst.com/static/js/ 106 KB
35 KB 9ms
8ms Script
application/javascript 2600:9000:214f:1e00:1:aeb5:c440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/static/js/2.28f1.chunk.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:1:aeb5:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b92a4ad14ed9bfd476c982f9e66925ba582b8115ac8e92bfd4a2ef966ffca20

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 15:58:04 GMT
content-encoding: gzip
age: 1175066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 30 Oct 2020 15:57:57 GMT
server: AmazonS3
etag: W/"9229f5541986e37807b20832f2c03f5f"
vary: Accept-Encoding
x-amz-version-id: vGYsbdR82RXNZ95S4cVz.YnqVORyG0zF
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: a8Ac1LINNsb62st5tMltjtNAc-VA86eh0ETPbwW4gGuk9XPntGIqjw==

GET
H2 200 0.2995.chunk.css
consent.cookiefirst.com/static/css/ 42 KB
10 KB 7ms
7ms Stylesheet
text/css 2600:9000:214f:1e00:1:aeb5:c440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/static/css/0.2995.chunk.css
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:1:aeb5:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eda59bb658f98165b9dbe71df1487c6d173fca39d0e566b77f6c53b34c51c894

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:09:24 GMT
content-encoding: gzip
age: 1156386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 30 Oct 2020 15:57:57 GMT
server: AmazonS3
etag: W/"f45b5a9c12cfa4f92c7bfbc7905bcb04"
vary: Accept-Encoding
x-amz-version-id: di2hqWfF2oxXnxZRG7F8azKDmGtcvM_1
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA53-C1
content-type: text/css
x-amz-cf-id: UGuB-rFBLM3IhtfLKi0-uCxS_2EutPtJiJdv0RQNTt1yocvP87S5jA==

GET
H2 200 0.e58d.chunk.js Show response
consent.cookiefirst.com/static/js/ 69 KB
21 KB 9ms
8ms Script
application/javascript 2600:9000:214f:1e00:1:aeb5:c440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/static/js/0.e58d.chunk.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:1:aeb5:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91055f9218b4d3933b4b323258cd599ead82d5aa948a342faa8a3d17ff9436dc

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 15:58:05 GMT
content-encoding: gzip
age: 1175064
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 30 Oct 2020 15:57:57 GMT
server: AmazonS3
etag: W/"13ab69179c8c4d35b986483fdbec2101"
vary: Accept-Encoding
x-amz-version-id: jXnt7VRsixjS121p5oEOomgNodSJ10lM
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 34-OdjiP1MYie7EucIY8msraWSpfZNmooH-DEmZlbDVnEqKzONFoXQ==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 188 KB
57 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=5d56d3c6580d7932b506fa2bc89b1ed1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33d0b449d42863b8eb7dd7531a109d4378070d097b898d174762ec6ca6bc82ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://gpnotebook.com
Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wHLJwQW6jstvHP62Lz4jdg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 57665
etag: "73b4fdf1fc06c111d6d493c5a8fdd4c5"
x-fb-debug: aMjFzkFosAocAJf8NEmjJKtPHi9SVSsnLcBettX2at5wpEPHVhcLMvSD2DAP6PuFzigHdLL7GAS6NwjdX1aHNw==
x-fb-trip-id: 664085054
x-fb-content-md5: fe1825c2bd4717aa4cd72dfb1450f9a5
x-frame-options: DENY
date: Fri, 13 Nov 2020 06:22:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:14:37 GMT

GET
H2 200 version.json Show response
static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/ 16 B
486 B 187ms
119ms XHR
application/json 2600:9000:20ae:c000:11:f92e:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/version.json?v=80262428
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/static/js/2.28f1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:c000:11:f92e:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47523d4f8ef534643b986e29ec1b1cf9eb98cc3ed003105132fb1d4f1cf255c4

Request headers

Accept: application/json
Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:30 GMT
via: 1.1 13182ff42379bbc1098730eb0992dbae.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
content-length: 16
last-modified: Thu, 05 Nov 2020 10:10:11 GMT
server: AmazonS3
etag: "9bd58cf6b91ad373e06f6e0890363c88"
access-control-allow-methods: GET
x-amz-version-id: hlCNpZZx3iq3HCMebhrKm0LJyV5Y3rL_
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: Hp1pqPPX0pbnRRyBquIyva6sqdUHZtZ8gtn-XO-tkZv-1PxIPgwWVQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4001
date: Fri, 13 Nov 2020 05:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 13 Nov 2020 07:15:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gpnotebook.com
URL: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23272
x-xss-protection: 0
pragma: public
x-fb-debug: 10kBlqd4qDq15jcJZgaW3xXNRQRYcLfCQcFLkvNkV2KLYs/86EEO06VfigIQechgXOIOrrCRPwmBF4St0h2QsQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 13 Nov 2020 06:22:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 29ms
8ms Script
application/x-javascript 2a02:26f0:eb:3b3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3b3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 06:22:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=52150
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 96ms
31ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: gzip
age: 31789
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1605248550.922123,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 56ms
56ms Script
text/javascript 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f226.1e100.net

Software

cafe /

Resource Hash

30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11761
x-xss-protection: 0
server: cafe
etag: 8854462785499610041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Nov 2020 06:22:29 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 44ms
29ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-710824397

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d12287f6fa5f91a417d3506b9eb8a87a231b40aa4283790b53ccd10ed320ac55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38706
x-xss-protection: 0
last-modified: Fri, 13 Nov 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Nov 2020 06:22:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af37fe3ad7a203af217db65b76b7c0931626f71e1c3a7b7163b447fdc5e4dc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45475
x-xss-protection: 0
server: cafe
etag: 12302490219791743052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Nov 2020 06:22:29 GMT

GET
H2 200 96660759.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 94ms
30ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/96660759.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: gzip
age: 11594799
x-cache: HIT
status: 200
x-cache-hits: 286815
content-length: 5672
x-served-by: cache-fra19139-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1605248550.926685,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 118 KB
41 KB 49ms
36ms Script
application/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T3JWKWR&t=gtm2&cid=865893982.1605248550

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbd10275c5a83846d881e81ed5e458111d071951d7fa56605d727666f3c15973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41241
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Nov 2020 06:22:29 GMT

GET
H2 200 392070311484175 Show response
connect.facebook.net/signals/config/ 235 KB
69 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/392070311484175?v=2.9.28&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7292e84e3eb98627375093aa0dec3e4296578ba77b55ad6755d68960c3cc0df5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 4AEgZAvc5UBKahmY2hOoiOlV6brReuxVdF2nZFwIZ0HCZ5bLF1dnvN+081rjgapkLi5LdcMRaHvcuufB+5zOIw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 13 Nov 2020 06:22:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 13ms
13ms Script
application/x-javascript 2a02:26f0:eb:3b3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3b3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 06:22:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=21782
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472857&time=1605248549916&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1472857%26time%3D1605248549916%26url%3Dhttps%253A%252F%252Fgpnotebook.com%252Fsim...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472857&time=1605248549916&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&liSync=true

0
57 B

174ms
173ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472857&time=1605248549916&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:30 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: oo9VMw39RhYAzQ189CoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: +DP6LA39RhYwf6hVMysAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: CDC519D9F3A34B93B2FA4B7BEDF4DC12 Ref B: FRAEDGE1107 Ref C: 2020-11-13T06:22:30Z
x-frame-options: sameorigin
date: Fri, 13 Nov 2020 06:22:29 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1472857&time=1605248549916&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/710824397/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/710824397/?random=1605248549918&cv=9&fst=1605248549918&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&tiba=dolls%20eye%20reflex%20-%20General%20Practice%20Notebook&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7589f7af7451fe73825effa9f5bb4a5a609426f98e4ad097a961731df5b22b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/710840800/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/710840800/?random=1605248549921&cv=9&fst=1605248549921&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&tiba=dolls%20eye%20reflex%20-%20General%20Practice%20Notebook&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec4fe2c51fb685a7a7175c5b7ee64439299b12f51e1322cd76373dcc72fa2d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
137 B 14ms
14ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=80818728&t=pageview&_s=1&dl=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&ul=en-us&de=UTF-8&dt=dolls%20eye%20reflex%20-%20General%20Practice%20Notebook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1182272853&gjid=1523530908&cid=865893982.1605248550&uid=not%20logged&tid=UA-129730316-2&_gid=591585451.1605248550&_r=1&gtm=2wgb41KTRJ4BH&cd1=Not%20Logged%20In&cd2=not%20logged&cd3=&z=252697201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTRJ4BH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4001
date: Fri, 13 Nov 2020 05:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 13 Nov 2020 07:15:48 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/710824397/ 42 B
153 B 26ms
22ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/710824397/?random=1605248549918&cv=9&fst=1605247200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&tiba=dolls%20eye%20reflex%20-%20General%20Practice%20Notebook&async=1&fmt=3&is_vtc=1&random=4269388097&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/710824397/ 42 B
107 B 25ms
21ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/710824397/?random=1605248549918&cv=9&fst=1605247200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&tiba=dolls%20eye%20reflex%20-%20General%20Practice%20Notebook&async=1&fmt=3&is_vtc=1&random=4269388097&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/710840800/ 42 B
107 B 27ms
24ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/710840800/?random=1605248549921&cv=9&fst=1605247200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&tiba=dolls%20eye%20reflex%20-%20General%20Practice%20Notebook&async=1&fmt=3&is_vtc=1&random=2685407111&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/710840800/ 42 B
153 B 23ms
21ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/710840800/?random=1605248549921&cv=9&fst=1605247200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&frm=0&url=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&tiba=dolls%20eye%20reflex%20-%20General%20Practice%20Notebook&async=1&fmt=3&is_vtc=1&random=2685407111&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 244ms
161ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2gbd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 123
pragma: no-cache
last-modified: Fri, 13 Nov 2020 06:22:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ee65c49712898fcc184e27882b768c09
x-transaction: 002733b800e8daae
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 237ms
153ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2gbd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Fri, 13 Nov 2020 06:22:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a26e1d0b360b2c030959b5cca50238f3
x-transaction: 0014a7fb006d3041
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=392070311484175&ev=PageView&dl=https%3A%2F%2Fgpnotebook.com%2Fsimplepage.cfm%3FID%3Dx20090214074356749131&rl=&if=false&ts=1605248549975&sw=1600&sh=1200&v=2.9.28&r=stable&ec=0&o=30&fbp=fb.1.1605248549973.1895723643&it=1605248549881&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 13 Nov 2020 06:22:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-129730316-2&cid=865893982.1605248550&jid=1182272853&uid=not%20logged&gjid=1523530908&_gid=591585451.1605248550&_u=aGDAAEACQAAAAC~&z=1179689141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 13 Nov 2020 06:22:29 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
472 B 56ms
42ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-129730316-2&cid=865893982.1605248550&jid=1182272853&_u=aGDAAEACQAAAAC~&z=392685336

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
472 B 48ms
35ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-129730316-2&cid=865893982.1605248550&jid=1182272853&_u=aGDAAEACQAAAAC~&z=392685336

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/ 832 B
1 KB 30ms
29ms XHR
application/json 2600:9000:20ae:c000:11:f92e:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/config.json?v=1604571010
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/static/js/2.28f1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:c000:11:f92e:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e974c43c98af1cede08e11ac8c162179a87c385c73d9069b7786c19820216c9

Request headers

Accept: application/json
Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 08:40:07 GMT
via: 1.1 13182ff42379bbc1098730eb0992dbae.cloudfront.net (CloudFront)
age: 164544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 832
last-modified: Thu, 05 Nov 2020 10:10:11 GMT
server: AmazonS3
etag: "b2fba02baf9fc5f6c62530ec63b8f6f3"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: lAlr4bHkZxdc6xW.jvfaL4_F0yuqjJRd
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: faZjgVmUJAKPhCbC5UhjZkwiAFZ1apj563zWvD83bUU9xTDiKwuIlA==

GET
H2 200 styles.css Show response
static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/ 1 KB
2 KB 30ms
29ms XHR
text/css 2600:9000:20ae:c000:11:f92e:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/styles.css?v=1604571010
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/static/js/2.28f1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:c000:11:f92e:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14dfd9908337e9d209d43e8c75c9cbeb0c1c657e7b507c122a1f16611f5dd8fe

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 08:40:07 GMT
via: 1.1 13182ff42379bbc1098730eb0992dbae.cloudfront.net (CloudFront)
age: 164544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 1280
last-modified: Thu, 05 Nov 2020 10:10:11 GMT
server: AmazonS3
etag: "335d3422141b202c375ba42e71333c74"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: pW_txO.CYsZJRtqm0e3qGpBWafaoXKMi
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: y1K37c7SWNtnhkyCsb2YC65H3JnLCzg6tTUL9_yohfkv7pK7Yw8lFA==

GET
H2 200 lang-widget-en.json Show response
static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/ 7 KB
3 KB 30ms
30ms XHR
application/json 2600:9000:20ae:c000:11:f92e:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/lang-widget-en.json?v=1604571010
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/static/js/2.28f1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:c000:11:f92e:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8c4e5747ab946af308826a52ec8f328095b7537d7118853ee8807b2551bbafc

Request headers

Accept: application/json
Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 08:40:07 GMT
content-encoding: gzip
age: 164544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 05 Nov 2020 10:10:12 GMT
server: AmazonS3
etag: W/"d49696ace740a3a7ba901dc5a14f698d"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: fvIrb_Uj2JkLs30bsKbRwxLulGHQgzpK
via: 1.1 13182ff42379bbc1098730eb0992dbae.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: WAW50-C1
content-type: application/json
x-amz-cf-id: yyCz-B688zXX4gVoZmn0SXFElslSKWsBxmxq7h7vT_7nxmaeK1VH1A==

GET
H2 200 3.36ca.chunk.css
consent.cookiefirst.com/static/css/ 7 KB
2 KB 7ms
6ms Stylesheet
text/css 2600:9000:214f:1e00:1:aeb5:c440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/static/css/3.36ca.chunk.css
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/static/js/1.9881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:1:aeb5:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10d1ed214776cb604ca7f5e0d82f725d6c20b3485c74e50b2edd2b401cfa6d5a

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 21:05:41 GMT
content-encoding: gzip
age: 1156610
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 30 Oct 2020 15:57:57 GMT
server: AmazonS3
etag: W/"af2d5fd60712bda98141f762dd91f639"
vary: Accept-Encoding
x-amz-version-id: Nkum47bSsG2IkN.vRiZs0vuSW5ha.Ezw
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA53-C1
content-type: text/css
x-amz-cf-id: OJw7GiSVxkaJjOVA58eBsRkI101d3DwZb1R1U6CptteqJvqoYIHyNg==

GET
H2 200 3.fa02.chunk.js Show response
consent.cookiefirst.com/static/js/ 21 KB
7 KB 7ms
7ms Script
application/javascript 2600:9000:214f:1e00:1:aeb5:c440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/static/js/3.fa02.chunk.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/static/js/1.9881.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1e00:1:aeb5:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d4d002348b56a26b1753ae10c84b94c9dec3f6ff8dd3c22042aa1d96cac6fa1

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 15:58:08 GMT
content-encoding: gzip
age: 1175062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 30 Oct 2020 15:57:57 GMT
server: AmazonS3
etag: W/"024ac9da5ec3b71a83edd7750e63be13"
vary: Accept-Encoding
x-amz-version-id: ICkfHo2kbFYEE2tsDjo3KcaFTk9ieyxE
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: Jkm_RBPznTbh-6Ci01bRWeQTxCcc1sbTNeJH2oZmQmfV-IUMS3kvDw==

POST
H/1.1 200 zd6vkMq4g0YMGHZwRi_dU9Mj2Hkiu7-2sqaZ4DN5vs-DiL68XOOtBEcnZznru9WiUQlO0q8O0BpSi-bn5kumeyR6ekkWoYoG6s1nKci07YEnJaJ0A1QLX9DWIhBrek9Lttp6D006O2VTwCfp94v5IaOam4_oeZstXS1kcEQJiUIbuDSiFMN8lDrGO1UIaSvnZj3c8... Show response
servonlin.com/ 722 B
1 KB 201ms
200ms XHR
application/json 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://servonlin.com/zd6vkMq4g0YMGHZwRi_dU9Mj2Hkiu7-2sqaZ4DN5vs-DiL68XOOtBEcnZznru9WiUQlO0q8O0BpSi-bn5kumeyR6ekkWoYoG6s1nKci07YEnJaJ0A1QLX9DWIhBrek9Lttp6D006O2VTwCfp94v5IaOam4_oeZstXS1kcEQJiUIbuDSiFMN8lDrGO1UIaSvnZj3c8WF-7G_TLzGNCeq4ttV99tITh9HKd_cSG5ZV0_tU5CsjaqhNtaM9SzKUmt4AhM6OayKuSPCmsZS96mzsr0mzmL3VeeCXqilCy_zbGRMdq8E85a7M-e1I1IrmUannvXooiH4Hd9gbdE2suRBk-FyBfqpgsIOHILORTszOS_KTGn2SugGZtFFrencKPaRpkVY-6pWyTjrVtgWMK8tns-XC8XA-9sOQS1FMgCK10bVBZ5ZAtz8uAKfZlYaDIKAkVETBE9QoA54Ltfx-O--Cr0OO5pDB45OEb7MRYzM1h2_wfl17wCzFVmCLJ6hdsCA7u0IIHeW0CE5vlsPwfWAmcVVPWuE8oAUgdME2qC9x2EPLcAuGNaCAcUQxh_M_c2LMVAAfvQ_JdJJVP7wCKraI_xL0-eSqPKlkzOVPWL94c_fP5mPubnIBcDGBZcwFowfGWCdQA7zq7xcLkuucuSL45mevCimIDEJSLXg?
Requested by: Host: servonlin.com
URL: https://servonlin.com/20681189.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: b9bf0875b3eba5749525ceea4e485c63574f611a73f9c4d3baa30e8cdc9675ec

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 722
expires: 0

POST
H/1.1 403 zfDVT0VHUzZUJFpzR8bZ_05_26VN70APebwCcP3y49pP70Ilz_xwCDwalip9dPHGcCj_iivK_twLHYkrEJNWIfwzaIgFExcKnfanEjrd7klrF3tW48tZ4UhS-VkIprt2jWdxpM6hCI6Sbn8otr-hTSMOJzW_5dl9vXJhTfi_tAhAXc-pV6Jk6I0vHBWARnNZ243u7... Show response
servonlin.com/ 0
329 B 315ms
117ms XHR
application/json 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://servonlin.com/zfDVT0VHUzZUJFpzR8bZ_05_26VN70APebwCcP3y49pP70Ilz_xwCDwalip9dPHGcCj_iivK_twLHYkrEJNWIfwzaIgFExcKnfanEjrd7klrF3tW48tZ4UhS-VkIprt2jWdxpM6hCI6Sbn8otr-hTSMOJzW_5dl9vXJhTfi_tAhAXc-pV6Jk6I0vHBWARnNZ243u7bFD7iwE41Ue4udjL-IFBbi7mRm07kBKVhUK-CrUyQYkh-2CMnrnEytAW8D7_8hNDpE4h3CWKKOyP3ma3RWRmac6I3NP1MoknYCt-8HgvKyMJanRm4zGOS5cOEAMVGkGicwBjIdTKO1mCeKfr1voXyuUKTMqlUu4aHEQ7eObgC5H7epUAhUUSSCvqWwI1Zh0cSjokxKkUwnLmqWttUpbU_YPnB4hDvVgzVCzB_67ptH3wgWo15eQzgK9sIFfdlwF_7I7tw0Gs-vYRn8R3LixB4Pa2chIuaD_NvSxQAxoMnlWMFumkHfTmXt7msNRw7RlEI9HuK7xlDuA1TBqg_NEcNHOWg7u1YlHBMs7LhVmSadHVBltDhvoJb4c78jvt19A7DtDFqaUqvLAyvFHSKnJHwwNr53FhvMI1Idf9spnasuMr-K5ORtgWU4Yf8TYI5aAfG-nRXuvxEbSpSNk-PYWVjTUFEpDQWg?
Requested by: Host: servonlin.com
URL: https://servonlin.com/20681189.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 0
expires: 0

POST
H/1.1 403 zAaVZUSlEHFeqXTOXzVHjcV_3IhtjQ0O247qvThG4zmvt4v9SYfHP_bJZAOgkVApsrJeWMqqpsXkvpkeWHSrW32QTJznL1O11Rl91Wq4am-PT2F38J63Gb31jgH5NX98jv0RL-AB9RpXM_JyG8lBR7wxt7oFtImfQpn0FHYbR8D_TL6e8BEfw8AAk8xCrON27TeCo... Show response
servonlin.com/ 0
329 B 325ms
110ms XHR
application/json 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://servonlin.com/zAaVZUSlEHFeqXTOXzVHjcV_3IhtjQ0O247qvThG4zmvt4v9SYfHP_bJZAOgkVApsrJeWMqqpsXkvpkeWHSrW32QTJznL1O11Rl91Wq4am-PT2F38J63Gb31jgH5NX98jv0RL-AB9RpXM_JyG8lBR7wxt7oFtImfQpn0FHYbR8D_TL6e8BEfw8AAk8xCrON27TeCoIcfp2fn3x10gx51lpH6PXOM1lgrKkPdvB5TjMbJGYXbjialvpLuwwXbtu5re26mSm5C36Z2kc3BWSMnWmmJwe2H-EhIiOQRAZ2_4EI-DWGi9tGQZ22pb4y_hEDBH7DOq8p97vp_Gay-8E2IAHzkfg8mTZMPZt1uD0Oa3me8bpHa5PnL2I0htWN4RjuOupj_tHNqHTk0mv0MRaWlABL3WtdNyhDLdXzKsUl-qtz5k45XMujkCRvD7rBUveUWoHOhV99RLqiNolmYhQBdJHM8rMh5W97iF11acCO_j19fRvIXoEsNSAvVP0z_icxq-eNOUruZNRfEYoW9bnflCNtP06pq4CL8KzU2kfGyJjv5m4pT_d1Ii95DHRkuqlhlF2rEuxii50jUrNpdPk2Bwt05uNgdgbyJ9mG7QaUwpRx5BHhkA10VjLHrihcyozdHcL8LYalVFl4le?
Requested by: Host: servonlin.com
URL: https://servonlin.com/20681189.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 0
expires: 0

POST
H/1.1 200 zQ5p-6y0v9lhKsN4iTlxkYhXl3HInsgARYFhAdHL9MDRl7QZ0Kulg1AYjOT48wtBhBmebZUesVAdHG6EiPOgCgX05ZQnHfJj-HKrgYOKVWHu6fpl9sTLegr0rLo-NEpNr-UPHfJaInGVf8xVBHFKqnsEWG0a4DoYo2aVY6yAzFddp35XpHvS9b0Cb9XIhWP_7j523... Show response
servonlin.com/ 721 B
1 KB 392ms
174ms XHR
application/json 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://servonlin.com/zQ5p-6y0v9lhKsN4iTlxkYhXl3HInsgARYFhAdHL9MDRl7QZ0Kulg1AYjOT48wtBhBmebZUesVAdHG6EiPOgCgX05ZQnHfJj-HKrgYOKVWHu6fpl9sTLegr0rLo-NEpNr-UPHfJaInGVf8xVBHFKqnsEWG0a4DoYo2aVY6yAzFddp35XpHvS9b0Cb9XIhWP_7j523ehVPxSoZpLq3oVLMCXgnf5OTWkAXhCDa6jiQL5TdyINzCME_RQR4WmaE0odOojLZSWodm0VTjeF_czQAbdqggV9cfHqdvXnkWPXNqL3kKqn5mnCPZM5_9Xnf-49zyF9F99ZSuLZDqhlfEZ4S-D4MAaBRkB8Nzi4KhVS1cgq7x3E0fdIwrmACPeybvTWFswBHrZSWYXMUjPGGFJyDSC_lt8hhMEYFW6HcERg5k5W8SJK-nz089TrCx_sliVnTmP1KY-fU5Cn54SCnTfDJmH1kHooaj_VJe-rL8NZyDCkGE-IcCwzFPs96v4agpt1vxo5dBRGsy1anE1EibmSAt1zs-1kCC54JmJO2cJy3evhmdtzj3e8BvkHWoiMti5nPZk-SM5ErL3KrGw8_Jyphoc9ySvucFplrou80wUjKmNKx236HwrAwy5lULcVtI6xJ-Xpj1B8bcByVBh6uGfXKi8bRZgdOld9c?
Requested by: Host: servonlin.com
URL: https://servonlin.com/20681189.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 9fc9c4896e41390363f8671bb5e06c4cb4a85aa9c6911e068c0b1510e765beea

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 721
expires: 0

POST
H/1.1 200 zFqC9zt8C0K1owc7C11LgP2RF4sIhK9LTvua2N2CDqGTOPbLpT1xrckkc_PNgNiOO3KSQLt9jODZ5Mt6j2i7rPkNV29WiVmfGAy_X1hY1QBUyAFzhjplTq3eWkaYYBnX5ca3FXD1CWHyRVmQ__AHzeAtsLcWljzhQ2VNq46h525usj19GRDcEFT--P2NbkwINZfQc... Show response
servonlin.com/ 722 B
1 KB 390ms
173ms XHR
application/json 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://servonlin.com/zFqC9zt8C0K1owc7C11LgP2RF4sIhK9LTvua2N2CDqGTOPbLpT1xrckkc_PNgNiOO3KSQLt9jODZ5Mt6j2i7rPkNV29WiVmfGAy_X1hY1QBUyAFzhjplTq3eWkaYYBnX5ca3FXD1CWHyRVmQ__AHzeAtsLcWljzhQ2VNq46h525usj19GRDcEFT--P2NbkwINZfQcKQXaa8OiUnXtaKRT_LlOGt1AyILrBnQvZUHEXDJvCcE3sM5lDjoyvx8uVQUhmFbr-nQ98v1ZGL2oGd_l6PDbTVmaHJH6NEd09yEUGprZ0dbuxwambSHZ5d1IrNCqTEy2U3UspWTFNT5leKmnlYy7koiZlw5UCfSxJFIvuwroaOpOOy1gD8fB5-QrMfjGqGm1l4t4RiKkKQdkhY9DGUOatgUj8XGEDl7eR3ufh8DWAGtnNnf8RfeGkHHGJIpTAmCR0QYWxwwF1mlQ2cJVOHTVUGTCxSugYB_50bVH3oVQAKEniz9RHzwWHS45mdpJKHtFnwAz5sf7CCxXAnqoQww5X607wIBZhZnqkohY5TdG4ZgnKKqkEaYrNT1pRGVts8_L8XxIleImCIchBjyS30hEaDYRVMJqeIrp-x9hhuRa6QL34X5xvF1jpTL6mHlc5UuHRvuFBUtZ8iRknNT-7XKR3GcNRpaNDg?
Requested by: Host: servonlin.com
URL: https://servonlin.com/20681189.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 97bc13ba0c68f3e06fa7cc30b5ec4014b411334e953351239f44bc5cb8af9f41

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 722
expires: 0

POST
H/1.1 200 zT7chw52l44DtQ1_k5-_XT1K5SzEwvwMgDRt5ZMUBytrE9kHlA0UtrmjaUzJM66qRlIUMcmcLrBD-3vnteqOteScf3_baixBH-W902Qo9YAa9gaV4rSvqR6XJ3Zp_Uxv3JIgSy2ybCOgoh9CPs9JfBpsZiuNYiYOVRMxpd3qSvNYcUfa2hlQNRhQ2l05_4QX9SXgY... Show response
servonlin.com/ 722 B
1 KB 383ms
166ms XHR
application/json 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to

Full URL: https://servonlin.com/zT7chw52l44DtQ1_k5-_XT1K5SzEwvwMgDRt5ZMUBytrE9kHlA0UtrmjaUzJM66qRlIUMcmcLrBD-3vnteqOteScf3_baixBH-W902Qo9YAa9gaV4rSvqR6XJ3Zp_Uxv3JIgSy2ybCOgoh9CPs9JfBpsZiuNYiYOVRMxpd3qSvNYcUfa2hlQNRhQ2l05_4QX9SXgYVrYncq0M1ezgjxdsT-GUqqJ7uB4E350ds9_JjLtQ6pEnuhp362Ay_OhEd5YUTPdlZ-W6aAqhZWwcMzXFEV5GxDoB_B5g9lncN2ZWS7eziy7bHsfMwEan4EnUPbraeEy7dlwBEoIal_yCnYaKP26GzMLKn3U2I1BitDSpayxWO8avNZrupJQ2Z6uAgnCkvinLXMQzh-GKmW6uUnmmIKhM9-7X39p4bEMn3r_WA1ZuYui661TdrkepuXtiHtAWN3RHCwerX65JFi1JRAMGn6ULbH08OEWhB5DELRszxKJwp4DfOqD4n3KvmNeH7xfj9qTypA5s8CjbkgZubr7RYGqRno5PK-z7c4XzsbO0EnIZ-N-DDeTm8ABLdZPpOSnPIIYMKYrnnGyxD_1Bkzq8KtXcT6911SvmGcA_-ojGhX9_6pIXSGGl5HIgFdiYkryckcjc9hcRJoz163vfyvcae5vG3WZWR8LaUA?
Requested by: Host: servonlin.com
URL: https://servonlin.com/20681189.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: e9e36bb50165a2f3dcb40d5abf66444c024d76cb6d127dd0efdec2f9c057eb96

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://gpnotebook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 722
expires: 0

GET
H/1.1 200 zpdnF_vKAzRHiWK1wgL2DwriDsi09xed6nDto1XdhsgRNwi07GvDrxv8eOz_iqD4HjO7nDqd2UrIw9vp6nuwpZRwX7uaPAGmvM0bsmOQnqfGsz0Ma4LJjMcX_4JKos7dxMxTw5V0Zi1ETY3lT43y6VExrx9KLGvsbavOEXxEF0Yn7npUZSsoV7L_iEZnBmGyIUzgP...
servonlin.com/ 49 B
350 B 163ms
140ms Image
image/gif 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servonlin.com/zpdnF_vKAzRHiWK1wgL2DwriDsi09xed6nDto1XdhsgRNwi07GvDrxv8eOz_iqD4HjO7nDqd2UrIw9vp6nuwpZRwX7uaPAGmvM0bsmOQnqfGsz0Ma4LJjMcX_4JKos7dxMxTw5V0Zi1ETY3lT43y6VExrx9KLGvsbavOEXxEF0Yn7npUZSsoV7L_iEZnBmGyIUzgP5JRkXgRdbXo7OGJn_Q09Pmb3Z1u56u9MT4fGJC4JypFjWOHZtbcizUjtXpqmEDNWq6Eerkz5r8iu1oLkWLIQQodMPBNdI7glVEaXybOReid54CYY5S1ZxXckz-MNZmF7wlvOR-xD9duYDuHnAOjZnJJLTDTqLSzU9MRptdP62usFDKIoIzCmbMjBr5e63KDlluuXd1PAzitNcp8W78ZEygUuoxTFfLYRtshQJFgEJnseHcec_oaas5HPKSHTBCBSwFV2YhfPj_k6jW7YHGncStmDS_L_u68Y2CAzxI6BhtmrRUQDzZ90L80?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
last-modified: Wed, 27 May 2020 08:58:54 GMT
etag: W/"49-1590569934000"
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zZt2dn85qSX72nPMg4LKzr1PQOR-W1CcoGLMU_nUyyuqtIcy154RE7nDYpyUtrHy2Tx-gbMLbqH-c2oh3xSTqSvS9O5vVC_PajIfbJtUe4YOqANp67raB_LQN18-F9t51iCz-iDWqCUhSgfO9gf3l3ejIzTci9Ikk3wld-3D4Xg3e0OK_CdhNqX7CPtj8r68xtA6m...
servonlin.com/ 49 B
350 B 120ms
119ms Image
image/gif 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servonlin.com/zZt2dn85qSX72nPMg4LKzr1PQOR-W1CcoGLMU_nUyyuqtIcy154RE7nDYpyUtrHy2Tx-gbMLbqH-c2oh3xSTqSvS9O5vVC_PajIfbJtUe4YOqANp67raB_LQN18-F9t51iCz-iDWqCUhSgfO9gf3l3ejIzTci9Ikk3wld-3D4Xg3e0OK_CdhNqX7CPtj8r68xtA6mmhw9yRNiUBkM868Z4v0oKfVCm9nqOp-J2bRiuR5fTxOACePKZGy_eUdimeEtYvChagBbqGcFGxeNv7zrhJRRcMnjxKsSFDvqX4k-Nz0hCwi_jnkRyYqz_eG3rtyoNSG5GFQlw0ufyWFCg6aF97gzMUvnQQHoHl-JNttAaFLOlZUXTbpkAqPxG8QSz970ZJz0mxvTyaDTPsevoj0XoxF245_lX4G3bWz37IiI6uq0Z6XP6yHjPpXgMu_SnVaUblgNcHmE2wwhHbkLa_sa3WfaprJVlP-YpEqPq4aJNPWabsY3mDqumhJscjM?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
last-modified: Wed, 27 May 2020 08:58:54 GMT
etag: W/"49-1590569934000"
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zFesYHccdpqGfWJde5xsTW89-kEntVcSKj7KRNBiJsy8yrGFr7oM-6NN3v7-fP2ymvBbpJnn1LA39BLZS4VxZTkjbVFrSryI9Ue59fbRD2U5dM2k03QrVAISg_Vu5Vyw0QILqHZ_yfVdYRv9zqV2JhJBktn21I-VgXqm9dg5jLBdHhs9ttAKkBYfT-ASrpoChMsyK...
servonlin.com/ 49 B
350 B 115ms
115ms Image
image/gif 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servonlin.com/zFesYHccdpqGfWJde5xsTW89-kEntVcSKj7KRNBiJsy8yrGFr7oM-6NN3v7-fP2ymvBbpJnn1LA39BLZS4VxZTkjbVFrSryI9Ue59fbRD2U5dM2k03QrVAISg_Vu5Vyw0QILqHZ_yfVdYRv9zqV2JhJBktn21I-VgXqm9dg5jLBdHhs9ttAKkBYfT-ASrpoChMsyKBV8buZp4wzuFe44WX0qhJ1PCAOZtHXkOTt9QmEgKuOGpTa-ztqBNDLTnwOQEzfrQsdWlseRUcNqrf1cxyzyGmA53V8HCz2Rp6nC8cS9EJQmps6KYm6vYqAHYwU4EoBLm3RrxIyGU4ei4oD4NgdMQ8gpRsNNSq-fVerN0yBpm-lDnl2ByifV27Wo3MWTc7Vmh6gX5s10aUiUmrDhUA5abyPJVQJvn4yos6ua-gxi6t4PEKvm-mt0jzHwCiYijxBQ-q-aGUQW42oZ2lrhXc9CTxjWsz6Eg5WQoxRCGHSBvLlPdRM_J3OE6rJs?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
last-modified: Wed, 27 May 2020 08:58:54 GMT
etag: W/"49-1590569934000"
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 zLJnSj4MeaVKaOSAHEj7wgXKeGSMIKryepIEuBMGQswFZG3C48y7JcTqZNmBjMqPmy6c2t3TIEstlCXNWK9hV0580QAuSiNrduZvfdmqqQ1kM69WaY7O9I7dAZkxemmXzBxRq8x79J2UDoTjznZjwsWVKGcYEbdXUhuAR2fnjT58MsN1khSyCZWAHg8kotDgO1bIC...
servonlin.com/ 49 B
350 B 114ms
114ms Image
image/gif 212.124.124.59
TRI-AS True Recor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servonlin.com/zLJnSj4MeaVKaOSAHEj7wgXKeGSMIKryepIEuBMGQswFZG3C48y7JcTqZNmBjMqPmy6c2t3TIEstlCXNWK9hV0580QAuSiNrduZvfdmqqQ1kM69WaY7O9I7dAZkxemmXzBxRq8x79J2UDoTjznZjwsWVKGcYEbdXUhuAR2fnjT58MsN1khSyCZWAHg8kotDgO1bIC2KW76EGK2NOA8Ip_186U_G8HyeCVdtrbaXAvipbFsuFrTcJqWqAxlvyBLpKJJKuzB1W3P07BAvvr3bMH2jFZssvm_r2WCUar8eX5O3VfeG9fLQlCPS7upG_lhp4KjBwHbSMXS8qElnyGVJxggXZ8V4bLXMyTnLFxCALp26ElKzBIxBtkFJ_CYyrn6OLPomtpsdrk2zLttlM6oIp-Rzr3wi76Bki8km-glsC0Q7zH4QrEXGk9rJ66p93h00mqhuxQ6xuEQVLbSh9VOMTCSU34sKP953ciIfXEWdTW2VAK2VsE2pN2PVKnCF4?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.124.124.59 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 06:22:30 GMT
last-modified: Wed, 27 May 2020 08:58:54 GMT
etag: W/"49-1590569934000"
p3p: CP="CAO PSA OUR"
cache-control: no-cache
accept-ranges: bytes
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=392070311484175&ev=Microdata&if=false&ts=1605248551478&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22dolls%20eye%20reflex%20-%20General%20Practice%20Notebook%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.28&r=stable&ec=1&o=30&fbp=fb.1.1605248549973.1895723643&it=1605248549881&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gpnotebook.com/simplepage.cfm?ID=x20090214074356749131
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 06:22:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 13 Nov 2020 06:22:31 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gpnotebook.com/	1969-12-31 23:59:59	Name: KEYWORDCOUNTTOP Value: 0
gpnotebook.com/	1969-12-31 23:59:59	Name: PAGECOUNTTOP Value: 0
gpnotebook.com/	1969-12-31 23:59:59	Name: CLINICAL_CHAPTER Value: 99
gpnotebook.com/	1969-12-31 23:59:59	Name: LAST_PAGE Value: x20090214074356749131
gpnotebook.com/	1970-01-19 14:04:12	Name: HISTORY Value: dolls%20eye%20reflex
gpnotebook.com/	1970-01-19 14:04:12	Name: ACCESS_COUNTRY Value:
gpnotebook.com/	1970-01-19 14:04:12	Name: USERID Value: x13-Nov-2006%3A22%20AM568700190
gpnotebook.com/	1970-01-19 13:55:33	Name: PAGE_COUNT Value: 1
gpnotebook.com/	1970-01-19 14:04:12	Name: ACCESS_COOKIE Value:
.gpnotebook.com/	1970-01-19 14:37:20	Name: __cfduid Value: dc782cf53dbfbc761b7952b5243db74b01605248549

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://consent.cookiefirst.com/static/js/0.e58d.chunk.js(Line 1) Message: CF:: load config file from https://static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/config.json?v=1604571010 +203ms
console-api	log	URL: https://consent.cookiefirst.com/static/js/0.e58d.chunk.js(Line 1) Message: CF:: No local website consent +33ms
console-api	log	URL: https://consent.cookiefirst.com/static/js/0.e58d.chunk.js(Line 1) Message: CF:: load translation file for en from https://static.cookiefirst.com/sites/gpnotebook.com-63fc70b5-10dd-4566-aa29-0f410391f922/lang-widget-en.json?v=1604571010 +36ms
console-api	log	URL: https://consent.cookiefirst.com/static/js/0.e58d.chunk.js(Line 1) Message: CF:: initialize with language: en +32ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
analytics.twitter.com
connect.facebook.net
consent.cookiefirst.com
extend.vimeocdn.com
googleads.g.doubleclick.net
gpnotebook.com
pagead2.googlesyndication.com
px.ads.linkedin.com
servonlin.com
snap.licdn.com
static.ads-twitter.com
static.cookiefirst.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gpnotebook.co.uk
www.linkedin.com
104.244.42.133
104.244.42.3
151.101.112.157
151.101.14.109
212.124.124.59
216.58.205.226
2600:9000:20ae:c000:11:f92e:9440:93a1
2600:9000:214f:1e00:1:aeb5:c440:93a1
2606:4700:10::6814:b70a
2606:4700::6810:a823
2620:1ec:21::14
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:820::2002
2a00:1450:4001:820::2008
2a00:1450:400c:c00::9a
2a02:26f0:eb:3b3::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
82.145.41.200
08546bfe151a71325a04d61953faa72ea99e2b3c70b39409abb37717569fed66
10d1ed214776cb604ca7f5e0d82f725d6c20b3485c74e50b2edd2b401cfa6d5a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14dfd9908337e9d209d43e8c75c9cbeb0c1c657e7b507c122a1f16611f5dd8fe
14e745033f30e6c6f63574a7a96829fccc0920117075ea3f47cf8d7257b3fc8b
228e1e5bfa6a6389b27ba06820b1e72f32ca3c6cb7d7d3a5e54a2a0ac56b58a8
2e974c43c98af1cede08e11ac8c162179a87c385c73d9069b7786c19820216c9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
32a19d5800324e8cd78b1a7ed5e80aaa4efe659d3f258939688d4204bb7d5013
33d0b449d42863b8eb7dd7531a109d4378070d097b898d174762ec6ca6bc82ab
3f39e8dfdb159f1ebebd11c9932abc649b7fb261384a943f675f9b70da2e5d6d
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
47523d4f8ef534643b986e29ec1b1cf9eb98cc3ed003105132fb1d4f1cf255c4
561ec464d8b8a40f3c5b80f2f3593e2e5fae56d02b510e22f5d50075c6debdf0
5a05925cdc557f2553f0d1e0205016a177b768da26620d7c7f28fbc02dc31c52
7292e84e3eb98627375093aa0dec3e4296578ba77b55ad6755d68960c3cc0df5
7589f7af7451fe73825effa9f5bb4a5a609426f98e4ad097a961731df5b22b3b
7d4d002348b56a26b1753ae10c84b94c9dec3f6ff8dd3c22042aa1d96cac6fa1
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91055f9218b4d3933b4b323258cd599ead82d5aa948a342faa8a3d17ff9436dc
97bc13ba0c68f3e06fa7cc30b5ec4014b411334e953351239f44bc5cb8af9f41
9b92a4ad14ed9bfd476c982f9e66925ba582b8115ac8e92bfd4a2ef966ffca20
9f139aa55048f20434bef5b631e870301eda2f8981f6cc522ab92adf4918a10f
9fc9c4896e41390363f8671bb5e06c4cb4a85aa9c6911e068c0b1510e765beea
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af37fe3ad7a203af217db65b76b7c0931626f71e1c3a7b7163b447fdc5e4dc4f
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b9bf0875b3eba5749525ceea4e485c63574f611a73f9c4d3baa30e8cdc9675ec
bb56283f42d6749eecc16a56bf14d1cbefd0239927dec29e413c1fe473107e76
bbd10275c5a83846d881e81ed5e458111d071951d7fa56605d727666f3c15973
c413d96f1228261053fce0b8e38e177109de47dbabc4a12ba98da5e5fa18a22e
c52afcd515e921d5ab6a45dcfb4a277961206a328fc393c4de8bd498f903c809
ca8ae591958a50c1ca10d4fbe8a0a94639fdea684b9596756bd113d2ea54c298
d12287f6fa5f91a417d3506b9eb8a87a231b40aa4283790b53ccd10ed320ac55
d4c01e25a6217059ac1a800b628e94e71969c9901a71b160cda98a1ccdbb6701
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e16e9c53d3e3dbc88230a96636e8a5848abf1e5d0c7189325dc74fa8612abfb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8c4e5747ab946af308826a52ec8f328095b7537d7118853ee8807b2551bbafc
e9e36bb50165a2f3dcb40d5abf66444c024d76cb6d127dd0efdec2f9c057eb96
ebe4b78423a8ecd4ef47b633ceabd09bd8cff564a343657f691512ab651c7e34
ec4fe2c51fb685a7a7175c5b7ee64439299b12f51e1322cd76373dcc72fa2d7c
eda59bb658f98165b9dbe71df1487c6d173fca39d0e566b77f6c53b34c51c894
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

gpnotebook.com Open in urlscan Pro 2606:4700:10::6814:b70a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

70 %IPv6

20 Domains

23 Subdomains

21 IPs

6 Countries

650 kBTransfer

2037 kBSize

10 Cookies

10 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gpnotebook.com Open in urlscan Pro
2606:4700:10::6814:b70a Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

70 %
IPv6

20
Domains

23
Subdomains

21
IPs

6
Countries

650 kB
Transfer

2037 kB
Size

10
Cookies

63 HTTP transactions
0 data transactions