www.gp.com Open in urlscan Pro
206.220.177.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gapac.com/
Effective URL:
https://www.gp.com/
Submission: On July 16 via manual (July 16th 2019, 12:29:16 pm UTC) from IN

Summary HTTP 79 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 35 domains to perform 79 HTTP transactions. The main IP is 206.220.177.254, located in United States and belongs to -Reserved AS-, ZZ. The main domain is www.gp.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on July 7th 2017. Valid for: 3 years.

This is the only time www.gp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.95.239.234 212.95.239.234	8419 (HOTCHILLI) (HOTCHILLI)
1 32	206.220.177.254 206.220.177.254	19254 (-Reserved...) (-Reserved AS-)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY - Fastly)
1	2a02:26f0:6c0... 2a02:26f0:6c00:29b::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	185.33.223.200 185.33.223.200	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2 2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.156.60.27 35.156.60.27	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER - Twitter Inc.)
15 21	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	34.202.244.152 34.202.244.152	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE - Google LLC)
4 4	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
1	195.181.175.9 195.181.175.9	60068 (CDN77) (CDN77)
1	34.205.245.130 34.205.245.130	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	99.81.69.137 99.81.69.137	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	35.177.239.109 35.177.239.109	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	18.194.129.92 18.194.129.92	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.33.223.218 185.33.223.218	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	151.101.112.166 151.101.112.166	54113 (FASTLY) (FASTLY - Fastly)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
79	35

1 212.95.239.234 (United Kingdom) 1 redirects

ASN8419 (HOTCHILLI, GB)
PTR: redirect.comlaude.com

www.gapac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 206.220.177.254 (United States) 1 redirects

ASN19254 (-Reserved AS-, ZZ)

www.gp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.162 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:29b::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.200 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.60.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-60-27.eu-central-1.compute.amazonaws.com

api.cludo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:10:101::b93f:9105 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 159.253.128.188 (Amsterdam, Netherlands) 15 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.244.152 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-202-244-152.compute-1.amazonaws.com

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.226 (United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Central, Hong Kong) 2 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.9 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-2.cdn77.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.245.130 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-205-245-130.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.241.32 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.69.137 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-81-69-137.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.239.109 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-239-109.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.129.92 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-129-92.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.218 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.166 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (Amsterdam, Netherlands) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	gp.com 1 redirects www.gp.com	1 MB
23	simpli.fi 15 redirects i.simpli.fi um.simpli.fi	11 KB
8	doubleclick.net 7 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	1 KB
4	google.de www.google.de	438 B
4	google.com 3 redirects www.google.com	778 B
3	exelator.com 2 redirects loadm.exelator.com load77.exelator.com	2 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	1 KB
3	adnxs.com 1 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	openx.net 1 redirects us-u.openx.net	599 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	956 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	gstatic.com fonts.gstatic.com	28 KB
2	cludo.com api.cludo.com	2 KB
2	facebook.com www.facebook.com	444 B
2	facebook.net connect.facebook.net	24 KB
2	googleadservices.com 1 redirects www.googleadservices.com	9 KB
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	contextweb.com bh.contextweb.com	628 B
1	rlcdn.com idsync.rlcdn.com	62 B
1	lijit.com ce.lijit.com	532 B
1	bluekai.com stags.bluekai.com	329 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com	517 B
1	twitter.com analytics.twitter.com	268 B
1	ytimg.com s.ytimg.com	8 KB
1	t.co t.co	200 B
1	licdn.com snap.licdn.com	5 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	googleapis.com fonts.googleapis.com	496 B
1	youtube.com www.youtube.com	923 B
1	gapac.com 1 redirects www.gapac.com	194 B
79	35

	Domain	Requested by
32	www.gp.com	1 redirects www.gp.com
21	um.simpli.fi	15 redirects www.gp.com
4	cm.g.doubleclick.net	4 redirects
4	www.google.de	www.gp.com
4	www.google.com	3 redirects www.gp.com
3	px.ads.linkedin.com	2 redirects www.gp.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.gp.com
2	us-u.openx.net	1 redirects www.gp.com
2	sync.search.spotxchange.com	1 redirects www.gp.com
2	bcp.crwdcntrl.net	1 redirects www.gp.com
2	loadm.exelator.com	2 redirects
2	fei.pro-market.net	2 redirects
2	fonts.gstatic.com	www.googletagmanager.com
2	api.cludo.com	www.gp.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.facebook.com	www.gp.com
2	stats.g.doubleclick.net	2 redirects
2	i.simpli.fi	www.googletagmanager.com i.simpli.fi
2	secure.adnxs.com	1 redirects www.gp.com
2	connect.facebook.net	www.gp.com connect.facebook.net
2	www.googleadservices.com	1 redirects www.googletagmanager.com
1	pixel.rubiconproject.com	www.gp.com
1	bh.contextweb.com	www.gp.com
1	ib.adnxs.com	www.gp.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	idsync.rlcdn.com	www.gp.com
1	ce.lijit.com	www.gp.com
1	stags.bluekai.com	www.gp.com
1	sync.bfmio.com	www.gp.com
1	load77.exelator.com	www.gp.com
1	pbid.pro-market.net	www.gp.com
1	sync.intentiq.com	www.gp.com
1	analytics.twitter.com	static.ads-twitter.com
1	www.linkedin.com	1 redirects
1	s.ytimg.com	www.youtube.com
1	t.co	www.gp.com
1	snap.licdn.com	www.gp.com
1	static.ads-twitter.com	www.gp.com
1	www.googletagmanager.com	www.gp.com
1	fonts.googleapis.com	www.gp.com
1	www.youtube.com	www.gp.com
1	www.gapac.com	1 redirects
79	43

This site contains links to these domains. Also see Links.

Domain
mygp.gp.com
login.gp.com
codeofconduct.kochind.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.gp.com COMODO RSA Domain Validation Secure Server CA	`2017-07-07` - `2020-08-25`	3 years	crt.sh
*.google.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
www.google.de Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.cludo.com RapidSSL TLS RSA CA G1	`2019-04-11` - `2021-05-10`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.intentiq.com Amazon	`2019-04-25` - `2020-05-25`	a year	crt.sh
*.pro-market.net Gandi Standard SSL CA 2	`2018-08-20` - `2020-08-20`	2 years	crt.sh
1605158521.rsc.cdn77.org Let's Encrypt Authority X3	`2019-06-29` - `2019-09-27`	3 months	crt.sh
*.bfmio.com Go Daddy Secure Certificate Authority - G2	`2016-09-05` - `2019-09-05`	3 years	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.gp.com/
Frame ID: 16131EB010F9038CC0B5E7DBA26735EA
Requests: 79 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.gapac.com/ HTTP 301
http://www.gp.com/ HTTP 301
https://www.gp.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

79
Requests

100 %
HTTPS

38 %
IPv6

35
Domains

43
Subdomains

35
IPs

8
Countries

1201 kB
Transfer

2240 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://mygp.gp.com/
Title: Employee Login

Search URL Search Domain Scan URL

URL: https://login.gp.com/
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://codeofconduct.kochind.com/
Title: Code of Conduct

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeorgiaPacific

Search URL Search Domain Scan URL

URL: https://www.instagram.com/georgiapacific/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/georgia-pacific-llc

Search URL Search Domain Scan URL

URL: https://twitter.com/georgiapacific

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/georgiapacifictv

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gapac.com/ HTTP 301
http://www.gp.com/ HTTP 301
https://www.gp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://secure.adnxs.com/seg?add=12447961&t=1 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12447961%26t%3D1

Request Chain 40

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&gjid=1097470376&_gid=97626408.1563280127&_u=YGBAgEAB~&z=11953096 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&_v=j77&z=11953096 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&_v=j77&z=11953096&slf_rd=1&random=103987876

Request Chain 52

https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1563280128571%26pid%3D48743%26url%3Dhttps%253A%252F%252Fwww.gp.com%252F%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1&cookiesTest=true&liSync=true

Request Chain 56

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=930798016&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.gp.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Georgia-Pacific&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=NewsAndUpdates__Visibility__Module&ea=%2F&_u=aGDAAEAB~&jid=2032593797&gjid=1559129180&cid=1834167279.1563280127&tid=UA-72388053-2&_gid=97626408.1563280127&_r=1&gtm=2wg6q15GDL9V2&cd1=null&cd2=null&z=1455148647 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_gid=97626408.1563280127&gjid=1559129180&_v=j77&z=1455148647 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_v=j77&z=1455148647 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_v=j77&z=1455148647&slf_rd=1&random=3357795331

Request Chain 59

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A906C32D5D4469067E02F91D37

Request Chain 62

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=BC80FD9F07C32D5D7DA18F5002A604CC;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=BC80FD9F07C32D5D7DA18F5002A604CC;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm=&google_sc=&google_tc= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIKXZQKkD0kdIIaa_NTlbHc&google_cver=1

Request Chain 63

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=BC80FD9F07C32D5D7DA18F5002A604CC&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=BC80FD9F07C32D5D7DA18F5002A604CC&j=0&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 65

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 66

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 67

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BC80FD9F07C32D5D7DA18F5002A604CC HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 68

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 69

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 70

https://aa.agkn.com/adscores/g.pixel?sid=9201915418 HTTP 302
https://d.agkn.com/pixel/5502/?sk=164860503118000342802&pd=&l0=https://um.simpli.fi/aa_px?sk=164860503118000342802 HTTP 302
https://um.simpli.fi/aa_px?sk=164860503118000342802

Request Chain 71

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1563280134790&cv=7&fst=1563280134790&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=CMMtXeayNMTm3wP3_Y64Bw&sscte=1&crd=&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=CMMtXeayNMTm3wP3_Y64Bw&random=2189339049 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=CMMtXeayNMTm3wP3_Y64Bw&random=2189339049&ipr=y

Request Chain 72

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=BC80FD9F07C32D5D7DA18F5002A604CC HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=BC80FD9F07C32D5D7DA18F5002A604CC&__user_check__=1&sync_id=48cd110d-a7c5-11e9-8086-1f057aaa0e06

Request Chain 73

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 74

https://um.simpli.fi/cw_match HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 75

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BC80FD9F07C32D5D7DA18F5002A604CC&expires=365

Request Chain 76

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BC80FD9F07C32D5D7DA18F5002A604CC HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=BC80FD9F07C32D5D7DA18F5002A604CC

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEL1r_62qOzGXDBqmvaaY1ZY&google_cver=1 HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC80FD9F07C32D5D7DA18F5002A604CC HTTP 302
https://um.simpli.fi/g_match?id=

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.gp.com/
Redirect Chain

http://www.gapac.com/
http://www.gp.com/
https://www.gp.com/

38 KB
11 KB

3957ms
513ms

Document
text/html

206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9dae157a87bc1472539e661b05534283e6e0276c5cdfa9f7d27a36c0c09d2fdf

Request headers

Host: www.gp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=rcsbqopj2kcnys5vfgoyqhlu; path=/; HttpOnly SC_ANALYTICS_GLOBAL_COOKIE=90f99c4c0f394f6f9eeddaf30ab8a432|False; expires=Mon, 16-Jul-2029 12:28:15 GMT; path=/; HttpOnly
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 16 Jul 2019 12:28:15 GMT
Content-Length: 10846

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.gp.com/
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 16 Jul 2019 12:28:12 GMT
Content-Length: 142

GET
H/1.1 200
OK cludo-search-default.min.css
www.gp.com/_css/cludo/ 25 KB
4 KB 136ms
133ms Stylesheet
text/css 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gp.com/_css/cludo/cludo-search-default.min.css
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 601eacb67ee3ff944b4c98e43e49a70aff435fca669fb2cdef14dbf2ba8abff0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0bf58e7d32dd51:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3857

GET
H/1.1 200
OK styles.css
www.gp.com/_css/ 111 KB
20 KB 265ms
262ms Stylesheet
text/css 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gp.com/_css/styles.css
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fa312ba27249f5aaffb43f1997558c30d2768f6823200ed7deb325b80aec78c9

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0bf58e7d32dd51:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 20044

GET
H/1.1 200
OK VisitorIdentification.js Show response
www.gp.com/layouts/system/ 2 KB
1 KB 269ms
132ms Script
application/javascript 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gp.com/layouts/system/VisitorIdentification.js
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cfc4291a1bd912621561e76e59e94cf4a3fd76520b18dae728dd4d6956a11c65

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2018 19:06:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b42723bbb388d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 795

GET
H/1.1 200
OK georgia-pacific-color.png
www.gp.com/-/media/gp/images/logos/ 2 KB
3 KB 400ms
134ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/logos/georgia-pacific-color.png?h=38&w=209&la=en&hash=373BCEE9FBD96E012921AA1E6EE417E4CD427073
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 51a4fe3b6048bf2baf5895a3b66f5e798d7f881649466d13bd8e8ad1601759c0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Thu, 15 Nov 2018 13:17:40 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-color.webp"
Accept-Ranges: bytes
Content-Length: 2236
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK children-of-gp-awarded-college-scholarships-650x435.jpg
www.gp.com/-/media/gp/images/article-listing/2019-articles/06/ 4 KB
4 KB 406ms
136ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/article-listing/2019-articles/06/children-of-gp-awarded-college-scholarships-650x435.jpg?h=134&w=206&la=en&hash=FCCB1EA37734D2EA1B6912223735A2A689A4F351
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d1d6cc97c58877b134b36847c20ea6e3cdeb61bd326c7604ba839b4da83fa52d

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:15 GMT
Last-Modified: Mon, 24 Jun 2019 19:35:19 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="children-of-gp-awarded-college-scholarships-650x435.webp"
Accept-Ranges: bytes
Content-Length: 3704
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK convoy-of-hope-and-gp-help-natural-disaster-650x435.jpg
www.gp.com/-/media/gp/images/article-listing/2019-articles/06/ 4 KB
4 KB 805ms
136ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/article-listing/2019-articles/06/convoy-of-hope-and-gp-help-natural-disaster-650x435.jpg?h=134&w=206&la=en&hash=E79B155C6E2F6A296DAB4EDEE9B52A059740B453
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 96a59619e07e1f0b41603e0fa7088c0b4f1c45a191b4be1c7246a53cb05abd16

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Tue, 18 Jun 2019 20:05:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="convoy-of-hope-and-gp-help-natural-disaster-650x435.webp"
Accept-Ranges: bytes
Content-Length: 4110
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK father-day-650x435.jpg
www.gp.com/-/media/gp/images/article-listing/2019-articles/06/ 4 KB
4 KB 480ms
137ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/article-listing/2019-articles/06/father-day-650x435.jpg?h=138&w=206&la=en&hash=F4E2F2DFE0DDE2FB56010A78349188E745CC6CC8
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d985926060846ba345b5289640a8dc108a5756ec64aa37e5b00a05a2d1843239

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Mon, 10 Jun 2019 13:51:02 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="father-day-650x435.webp"
Accept-Ranges: bytes
Content-Length: 4160
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK fb.png
www.gp.com/-/media/gp/images/icons/ 440 B
833 B 365ms
131ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/icons/fb.png?h=58&w=58&la=en&hash=69D064747ED6DD488BB733F2D0400DDE575DABB2
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 610985b5e6bc9bdd628d399a34768004b9ca0a7e1db76ecdd9171936ace82132

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Mon, 20 Aug 2018 14:25:15 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="fb.webp"
Accept-Ranges: bytes
Content-Length: 440
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK instagram.png
www.gp.com/-/media/gp/images/icons/ 808 B
1 KB 290ms
134ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/icons/instagram.png?h=58&w=58&la=en&hash=9428B2CC071E85AC3942FD122BC15BBDD67283DA
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 77991101b09a5d8b4438cadbc4466ac4b954f82bc6841128507db95074054139

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Mon, 20 Aug 2018 14:38:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="instagram.webp"
Accept-Ranges: bytes
Content-Length: 808
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK linkedin.png
www.gp.com/-/media/gp/images/icons/ 700 B
1 KB 365ms
131ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/icons/linkedin.png?h=58&w=58&la=en&hash=758323BAA325CBE8422EF342C604AA76CCB9536C
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 41f068b41c5f1bcb425cbeb45c7084284104886175a1bc1d6a362e5e2290e30c

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Mon, 20 Aug 2018 14:47:09 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="linkedin.webp"
Accept-Ranges: bytes
Content-Length: 700
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK twitter.png
www.gp.com/-/media/gp/images/icons/ 342 B
740 B 310ms
135ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/icons/twitter.png?h=58&w=58&la=en&hash=6F231FC60BB948AEA3964A9A5C1E028612C7CB21
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a66a6b675af35607bfd0d4c43104c4fcbe33e795e1d9123d4f447438a7bcf90f

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Mon, 20 Aug 2018 14:52:46 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="twitter.webp"
Accept-Ranges: bytes
Content-Length: 342
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK youtube.jpg
www.gp.com/-/media/gp/images/icons/ 466 B
864 B 359ms
131ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/icons/youtube.jpg?h=58&w=58&la=en&hash=1F10157F32F65B9F3204B3FFDAF1A07E2E0F34C1
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ced26106dd286b53848d95abebd29a5af8927e5c20efa27a2e5ed58714ce2f33

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Thu, 23 Aug 2018 14:32:35 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="youtube.webp"
Accept-Ranges: bytes
Content-Length: 466
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK search-script.min.js Show response
www.gp.com/_js/cludo/ 103 KB
23 KB 651ms
129ms Script
application/javascript 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gp.com/_js/cludo/search-script.min.js
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9624d14733a85fd37bc3b4cfaaa78dc76c2a81a5ecf32d3342fd46595535d09d

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0bf58e7d32dd51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 23430

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
923 B 24ms
19ms Script
application/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

1719f6580a787e2868d91118ce6ba052eb179160a5e9cec05d846079a8d29b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:47 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
H2 200 css
fonts.googleapis.com/ 2 KB
496 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:400,600

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

7635e8a9360ec657e938bf986a9517eb4f8f06d899c8b8f4f62af5cb2f6c6189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 16 Jul 2019 12:28:47 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 16 Jul 2019 12:28:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 16 Jul 2019 12:28:47 GMT

GET
H/1.1 200
OK common-bundle.js Show response
www.gp.com/_js/ 8 KB
3 KB 667ms
132ms Script
application/javascript 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gp.com/_js/common-bundle.js
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c6154bfdbc57a90fac6563e85120934d271ca98ec709147c99896b3e500b79cc

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0bf58e7d32dd51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3170

GET
H/1.1 200
OK Main-bundle.js Show response
www.gp.com/_js/ 804 KB
237 KB 783ms
130ms Script
application/javascript 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gp.com/_js/Main-bundle.js
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 27e965672c944b3035b0a6904aa4bbba67eb93f934eff9f633ee243f7a07bfd9

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0bf58e7d32dd51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 242273

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
40 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:81c::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GDL9V2

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

499c1fdff3199794372fdce5bdd0f0d56140104457f01f87d5dcc143b3ac2b6a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:47 GMT
content-encoding: br
last-modified: Tue, 16 Jul 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 41143
x-xss-protection: 0
expires: Tue, 16 Jul 2019 12:28:47 GMT

GET
H/1.1 200
OK icon-search.svg
www.gp.com/_Images/svg/ 300 B
581 B 186ms
128ms Image
image/svg+xml 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/_Images/svg/icon-search.svg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 130d7d156b574f280fc9526311c8a0ea847e6ed075217419364ec6aaa8385c4d

Request headers

Referer: https://www.gp.com/_css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
ETag: "0bf58e7d32dd51:0"
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 300

GET
H/1.1 200
OK gp-hamburger.svg
www.gp.com/_Images/svg/ 305 B
586 B 311ms
131ms Image
image/svg+xml 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/_Images/svg/gp-hamburger.svg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: acfc3f95806ad86712c283eafa368d3d23393e687cf2a25dc9102ec8cef7a016

Request headers

Referer: https://www.gp.com/_css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
ETag: "0bf58e7d32dd51:0"
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 305

GET
H/1.1 200
OK georgia-pacific-careers-3-550x750.jpg
www.gp.com/-/media/gp/images/hero-images/homepage/ 27 KB
28 KB 466ms
134ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/hero-images/homepage/georgia-pacific-careers-3-550x750.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 48ad43b336f908b247d3162b98ed6362c292f44c781b5068d1bb04bf84e109de

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Fri, 18 May 2018 13:28:39 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-careers-3-550x750.webp"
Accept-Ranges: bytes
Content-Length: 28034
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK georgia-pacific-news-and-stories-550x750.jpg
www.gp.com/-/media/gp/images/hero-images/homepage/ 60 KB
61 KB 202ms
134ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/hero-images/homepage/georgia-pacific-news-and-stories-550x750.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3e7fc132cff12312f6a0cb1bd4a46c1b66e134b046e2e10aede9ce75fbb403e3

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Fri, 18 May 2018 13:29:08 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-news-and-stories-550x750.webp"
Accept-Ranges: bytes
Content-Length: 61678
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK georgia-pacific-environmental-performance-550x750.jpg
www.gp.com/-/media/gp/images/hero-images/homepage/ 61 KB
62 KB 210ms
138ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/hero-images/homepage/georgia-pacific-environmental-performance-550x750.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 67dc02bf4b4d4f4d1c7f4b02a1a30685ab66440dad5ad2d199d4dcc4072565e3

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Fri, 18 May 2018 13:28:56 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-environmental-performance-550x750.webp"
Accept-Ranges: bytes
Content-Length: 62712
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK georgia-pacific-community-550x750.jpg
www.gp.com/-/media/gp/images/hero-images/homepage/ 68 KB
69 KB 588ms
134ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/hero-images/homepage/georgia-pacific-community-550x750.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8069dd321eae1e5ea747c2c75d713d1864612667330c5715a786ee69e38db491

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Mon, 08 Jan 2018 19:31:08 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-community-550x750.webp"
Accept-Ranges: bytes
Content-Length: 70130
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK georgia-pacific-about-us-1920x600.jpg
www.gp.com/-/media/gp/images/hero-images/homepage/ 15 KB
16 KB 451ms
264ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/hero-images/homepage/georgia-pacific-about-us-1920x600.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9087926d250206f8028fbaed397502380165726ee12acb92c952ee47e6f0bc3b

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:16 GMT
Last-Modified: Mon, 08 Jan 2018 19:29:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-about-us-1920x600.webp"
Accept-Ranges: bytes
Content-Length: 15696
Expires: Tue, 23 Jul 2019 12:28:16 GMT

GET
H/1.1 200
OK veterans-day-celebrating-freedom-1920x1080.jpg
www.gp.com/-/media/gp/images/hero-images/careers/veterans/ 54 KB
55 KB 359ms
134ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/hero-images/careers/veterans/veterans-day-celebrating-freedom-1920x1080.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1570dded06259ba4b575ae7472e109bf9c59352d7d31435c485fa000f7cb6526

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
Last-Modified: Fri, 18 May 2018 14:51:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="veterans-day-celebrating-freedom-1920x1080.webp"
Accept-Ranges: bytes
Content-Length: 55378
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK working-at-georgia-pacific-2-952x500.jpg
www.gp.com/-/media/gp/images/alternating-images/homepage/ 84 KB
84 KB 274ms
133ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/alternating-images/homepage/working-at-georgia-pacific-2-952x500.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f19116e35e066d19b2699c85e6d70c249ddb49146974c37fb868d285f072bca5

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
Last-Modified: Mon, 08 Jan 2018 19:17:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="working-at-georgia-pacific-2-952x500.webp"
Accept-Ranges: bytes
Content-Length: 85536
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK working-at-georgia-pacific-3-952x500.jpg
www.gp.com/-/media/gp/images/alternating-images/homepage/ 54 KB
55 KB 270ms
136ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/alternating-images/homepage/working-at-georgia-pacific-3-952x500.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 481864cd3df440bc8fe18ea1ac88c686f6bbb1b7c5a6efebc4e19a3dcfb48a4d

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
Last-Modified: Fri, 18 May 2018 13:30:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="working-at-georgia-pacific-3-952x500.webp"
Accept-Ranges: bytes
Content-Length: 55406
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK sustainability-3-952x500.jpg
www.gp.com/-/media/gp/images/alternating-images/homepage/ 112 KB
113 KB 270ms
134ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/alternating-images/homepage/sustainability-3-952x500.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3a59a7ed34c74d30db647be7613dfae4cf34aa5e0239f8fcb8efe15b1f0638e0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
Last-Modified: Mon, 08 Jan 2018 19:17:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="sustainability-3-952x500.webp"
Accept-Ranges: bytes
Content-Length: 115174
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK sustainability-1-952x500.jpg
www.gp.com/-/media/gp/images/alternating-images/homepage/ 61 KB
61 KB 401ms
133ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/alternating-images/homepage/sustainability-1-952x500.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d5ff60a380c9b39742e6a7263ea799db5050e06d4794f1770603b618f976164c

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
Last-Modified: Mon, 08 Jan 2018 19:17:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="sustainability-1-952x500.webp"
Accept-Ranges: bytes
Content-Length: 62542
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK georgia-pacific-community-engagement-2-952x500.jpg
www.gp.com/-/media/gp/images/alternating-images/homepage/ 66 KB
66 KB 406ms
137ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/alternating-images/homepage/georgia-pacific-community-engagement-2-952x500.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 713841f8c61718a1b858310c94b79643bd9104501f31c7ba92b473228ac39342

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
Last-Modified: Wed, 18 Apr 2018 14:13:15 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-community-engagement-2-952x500.webp"
Accept-Ranges: bytes
Content-Length: 67378
Expires: Tue, 23 Jul 2019 12:28:17 GMT

GET
H/1.1 200
OK georgia-pacific-community-engagement-3-952x500.jpg
www.gp.com/-/media/gp/images/alternating-images/homepage/ 59 KB
59 KB 398ms
133ms Image
image/webp 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/-/media/gp/images/alternating-images/homepage/georgia-pacific-community-engagement-3-952x500.jpg
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3c4c103e39af6e6a4e06539be16c56e1208e19bb9148a4df438345ac627107e7

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
Last-Modified: Fri, 18 May 2018 13:29:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept
Content-Type: image/webp
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="georgia-pacific-community-engagement-3-952x500.webp"
Accept-Ranges: bytes
Content-Length: 60456
Expires: Tue, 23 Jul 2019 12:28:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GDL9V2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 3668
date: Tue, 16 Jul 2019 11:27:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Tue, 16 Jul 2019 13:27:39 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 34ms
34ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GDL9V2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8bcb1d5b7dc86d041b4f6e58de89ecadd65481559b688d52bcc64719aeaaf06b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 8916
x-xss-protection: 0
server: cafe
etag: 409039483495873268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Jul 2019 12:28:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
16 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: 0Yk3U4WCzMhaO01+zyDlLDmlRftrZZwZYqn9B1ZHLZgv1f3hhXyc0xyzjMhTEagjWjdWzDXjA8NuJhl7PryNJQ==
x-fb-trip-id: 420120009
date: Tue, 16 Jul 2019 12:28:47 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 25ms
24ms Script
application/javascript 151.101.112.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:47 GMT
content-encoding: gzip
age: 46880
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4067-HHN
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1563280127.369722,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 15 KB
5 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:29b::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:29b::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=18717
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=12447961&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12447961%26t%3D1

0
1002 B

25ms
24ms

Script
application/javascript

185.33.223.200
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12447961%26t%3D1

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.200 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:52 GMT
AN-X-Request-Uuid: 3d7e9ea7-e9b6-48e1-ab78-cf129b37f8e9
Content-Type: application/javascript; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 89.39.105.174; 89.39.105.174; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.75:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:52 GMT
AN-X-Request-Uuid: 6803ed8b-dc52-4ffc-b4a9-4b2e3b9f8a33
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12447961%26t%3D1
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 89.39.105.174; 89.39.105.174; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.72:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dpx.js Show response
i.simpli.fi/ 2 KB
3 KB 7412ms
42ms Script
application/javascript 169.50.137.176
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=150932&action=100&segment=338-000089-001_GP_Day_Location_RT&m=1&sifi_tuid=71807

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GDL9V2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 16 Jul 2019 12:28:54 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1998
x-request-id: 2mou5vvsogovb8j2kk0dv812
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
111 B 6ms
6ms Image
image/gif 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j77&a=930798016&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gp.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Georgia-Pacific&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=573894973&gjid=1097470376&cid=1834167279.1563280127&tid=UA-72388053-2&_gid=97626408.1563280127&gtm=2wg6q15GDL9V2&cd1=null&cd2=null&z=598701119

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 19:54:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3688434
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&gjid=1097470376&_gid=97626408.1563280127&_u=YGBAgEAB~&z=11953096
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&_v=j77&z=11953096
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&_v=j77&z=11953096&slf_rd=1&random=103987876

42 B
109 B

32ms
31ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&_v=j77&z=11953096&slf_rd=1&random=103987876

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=573894973&_v=j77&z=11953096&slf_rd=1&random=103987876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 996626470451497 Show response
connect.facebook.net/signals/config/ 21 KB
8 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/996626470451497?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

54b6cea4b68829685a05d7973fae7e24b9a35fcc1f00b332b66c8a1bfe2b9d61

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 7674
x-xss-protection: 0
pragma: public
x-fb-debug: fJOd1mxGnScfTJTcGZXXDJ6TwcXcX7aMYoIZr3ua3vGXgTtJTCG7yJNrepDZaDZXRZ2Zlm50r2VUZlDcRx6gSg==
x-fb-trip-id: 420120009
date: Tue, 16 Jul 2019 12:28:47 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
200 B 147ms
147ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvqg4&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 116
pragma: no-cache
last-modified: Tue, 16 Jul 2019 12:28:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
x-transaction-id: 0050084500a684fb
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
perf: 6
x-connection-hash: 2cb9e219f7ec815ce884ec5c551e8a88
x-transaction: 0050084500a684fb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996626470451497&ev=PageView&dl=https%3A%2F%2Fwww.gp.com%2F&rl=&if=false&ts=1563280127395&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=28&fbp=fb.1.1563280127394.931705371&it=1563280127382&coo=false&rqm=GET

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 16 Jul 2019 12:28:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
199 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996626470451497&ev=ViewContent&dl=https%3A%2F%2Fwww.gp.com%2F&rl=&if=false&ts=1563280127396&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=28&fbp=fb.1.1563280127394.931705371&it=1563280127382&coo=false&rqm=GET

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 16 Jul 2019 12:28:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/892803552/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/892803552/?random=1563280127399&cv=9&fst=1563280127399&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gp.com%2F&tiba=Welcome%20to%20Georgia-Pacific&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8670872a09ddde8a28fa1fcce6e80f71e78ceb8d3b8c09922bb0d7d8abfad073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 938
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/892803552/ 42 B
122 B 39ms
37ms Image
image/gif 2a00:1450:4001:808::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/892803552/?random=1563280127399&cv=9&fst=1563278400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gp.com%2F&tiba=Welcome%20to%20Georgia-Pacific&async=1&fmt=3&cdct=2&is_vtc=1&random=936665532&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/892803552/ 42 B
110 B 29ms
28ms Image
image/gif 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/892803552/?random=1563280127399&cv=9&fst=1563278400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6q1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gp.com%2F&tiba=Welcome%20to%20Georgia-Pacific&async=1&fmt=3&cdct=2&is_vtc=1&random=936665532&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK publicsettings Show response
api.cludo.com/api/v3/553/9286/websites/ 0
446 B 1111ms
31ms XHR
text/plain 35.156.60.27
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cludo.com/api/v3/553/9286/websites/publicsettings

Requested by

Host: www.gp.com
URL: https://www.gp.com/_js/cludo/search-script.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.60.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-156-60-27.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://www.gp.com
Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

Date: Tue, 16 Jul 2019 12:28:49 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.gp.com
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Connection: keep-alive
Access-Control-Allow-Headers: authorization,content-type
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-LB: 2

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflPBjLfx/ 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflPBjLfx/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1f0a166a9d871f1e11e7f24c885812e39ece64afa502c72bfbb766568bc8013d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 11 Jul 2019 16:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416247
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 8141
x-xss-protection: 0
last-modified: Wed, 10 Jul 2019 23:54:29 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 19 Jul 2019 16:51:20 GMT

GET
H2 200 HhyXU5sn9vOmLzG3L-CFMItgT7kJ.woff2
fonts.gstatic.com/s/dosis/v8/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v8/HhyXU5sn9vOmLzG3L-CFMItgT7kJ.woff2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GDL9V2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

73eea4b6484c2f0de916f77e5fe3270ee472d56294ae870824c0ebe337bc7572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Dosis:400,600
Origin: https://www.gp.com

Response headers

date: Mon, 03 Jun 2019 02:23:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:45:28 GMT
server: sffe
age: 3751491
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13952
x-xss-protection: 0
expires: Tue, 02 Jun 2020 02:23:56 GMT

GET
H2 200 HhyaU5sn9vOmLzloC_WoEoZK.woff2
fonts.gstatic.com/s/dosis/v8/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v8/HhyaU5sn9vOmLzloC_WoEoZK.woff2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GDL9V2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d568385e79e3cc5c068f85d94ff786f2eee12432cd2110145ca58ba173bbb31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Dosis:400,600
Origin: https://www.gp.com

Response headers

date: Tue, 18 Jun 2019 12:43:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:41:10 GMT
server: sffe
age: 2418296
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14012
x-xss-protection: 0
expires: Wed, 17 Jun 2020 12:43:51 GMT

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1
https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1563280128571%26pid%3D48743%26url%3Dhttps%253A%252F%252Fwww.gp.com%252F%26fmt%3Djs%26s%3D1%26coo...
https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1&cookiesTest=true&liSync=true

0
87 B

110ms
109ms

Script
application/javascript

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:48 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 20
x-li-uuid: imUqoP7isRVgedFsqysAAA==

Redirect headers

date: Tue, 16 Jul 2019 12:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-efr5
content-length: 20
x-li-uuid: 5iGMmf7isRUgGE2fjSsAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect/?time=1563280128571&pid=48743&url=https%3A%2F%2Fwww.gp.com%2F&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
268 B 153ms
153ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvqg4&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.gp.com%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 122
pragma: no-cache
last-modified: Tue, 16 Jul 2019 12:28:48 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 19e61219a1f8480080e474420f50aad9
x-transaction: 004b6e710090ad36
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK arrow-white.svg
www.gp.com/_Images/svg/ 254 B
535 B 150ms
131ms Image
image/svg+xml 206.220.177.254
-Reserved AS-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gp.com/_Images/svg/arrow-white.svg
Requested by: Host: www.gp.com
URL: https://www.gp.com/_js/Main-bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.220.177.254 , United States, ASN19254 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ea0065980a6f5f2de3e36219bfd743b89939d87b71006ac81e9baf172e33ef98

Request headers

Referer: https://www.gp.com/_css/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:17 GMT
ETag: "0bf58e7d32dd51:0"
Last-Modified: Fri, 28 Jun 2019 17:07:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 254

GET
H/1.1 200
OK publicsettings Show response
api.cludo.com/api/v3/553/9286/websites/ 931 B
1 KB 39ms
39ms XHR
application/json 35.156.60.27
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cludo.com/api/v3/553/9286/websites/publicsettings

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.60.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-35-156-60-27.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

92fc00b036a03838bf5e4efb6ce785144bfaf8eb379c0e661daaad708a939c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.gp.com/
Origin: https://www.gp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Authorization: SiteKey NTUzOjkyODY6U2VhcmNoS2V5
Content-type: application/json;charset=UTF-8

Response headers

Date: Tue, 16 Jul 2019 12:28:49 GMT
X-Content-Type-Options: nosniff
X-LB: 2
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Content-Length: 931
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
X-Cludo-Response-Time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.gp.com
Cache-Control: no-cache
Expires: -1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=930798016&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.gp.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Georgia-Pacific&sd=24-bit&sr=1600x1200&vp=1585...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_gid=97626408.1563280127&gjid=1559129180&_v=j77&z=1455148647
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_v=j77&z=1455148647
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_v=j77&z=1455148647&slf_rd=1&random=3357795331

42 B
109 B

31ms
30ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_v=j77&z=1455148647&slf_rd=1&random=3357795331

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72388053-2&cid=1834167279.1563280127&jid=2032593797&_v=j77&z=1455148647&slf_rd=1&random=3357795331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 742 B
1 KB 23ms
22ms Script
application/javascript 169.50.137.176
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=150932&action=100&segment=338-000089-001_GP_Day_Location_RT&m=1&sifi_tuid=71807

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

f3f16377223045afa68497baba381fb3d1d86d82ac62773960d41d7889bb76f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 16 Jul 2019 12:28:54 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
status: 200
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
361 B 318ms
19ms Image
image/gif 159.253.128.188
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H/1.1

200
OK

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A906C32D5D4469067E02F91D37

43 B
517 B

410ms
101ms

Image
image/gif

34.202.244.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A906C32D5D4469067E02F91D37
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.244.152 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-202-244-152.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:54 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 16 Jul 2019 12:28:55 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A906C32D5D4469067E02F91D37
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
440 B 20ms
19ms Image
image/gif 159.253.128.188
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H2 200 freewheel
um.simpli.fi/ 43 B
361 B 19ms
18ms Image
image/gif 159.253.128.188
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=BC80FD9F07C32D5D7DA18F5002A604CC;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=BC80FD9F07C32D5D7DA18F5002A604CC;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm=&google_sc=&google_tc=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIKXZQKkD0kdIIaa_NTlbHc&google_cver=1

43 B
416 B

23ms
14ms

Image
image/gif

2600:1901:0:8eee::
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIKXZQKkD0kdIIaa_NTlbHc&google_cver=1
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:8eee:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:56 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:57 GMT
server: HTTP server (unknown)
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIKXZQKkD0kdIIaa_NTlbHc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel.gif
load77.exelator.com/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=BC80FD9F07C32D5D7DA18F5002A604CC&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=BC80FD9F07C32D5D7DA18F5002A604CC&j=0&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
273 B

1366ms
27ms

Image
image/gif

195.181.175.9
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.9 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-2.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:57 GMT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: frankfurtDE
etag: "59f0c3fc-2b"
x-cache: HIT
content-type: image/gif
status: 200
x-edge-ip: 195.181.175.2
x-age: 769103
accept-ranges: bytes
content-length: 43

Redirect headers

date: Tue, 16 Jul 2019 12:28:56 GMT
server: nginx/1.14.0
x-powered-by: Undertow/1
location: https://load77.exelator.com/pixel.gif
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status: 302
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
361 B 20ms
19ms Image
image/gif 159.253.128.188
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 12:28:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
status: 200
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=BC80FD9F07C32D5D7DA18F5002A604CC

0
421 B

656ms
101ms

Image
text/plain

34.205.245.130
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=BC80FD9F07C32D5D7DA18F5002A604CC
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.245.130 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-205-245-130.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 16 Jul 2019 12:28:56 GMT

Redirect headers

date: Tue, 16 Jul 2019 12:28:56 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://sync.bfmio.com/sync?pid=141&uid=BC80FD9F07C32D5D7DA18F5002A604CC
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=BC80FD9F07C32D5D7DA18F5002A604CC

62 B
329 B

256ms
186ms

Image
image/gif

104.111.241.32
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=BC80FD9F07C32D5D7DA18F5002A604CC
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.241.32 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-241-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:56 GMT
X-N: S
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 7a4b
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date: Tue, 16 Jul 2019 12:28:56 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://stags.bluekai.com/site/29931?id=BC80FD9F07C32D5D7DA18F5002A604CC
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

tpid=BC80FD9F07C32D5D7DA18F5002A604CC
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BC80FD9F07C32D5D7DA18F5002A604CC
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=BC80FD9F07C32D5D7DA18F5002A604CC

49 B
935 B

45ms
44ms

Image
image/gif

99.81.69.137
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=BC80FD9F07C32D5D7DA18F5002A604CC
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.69.137 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-81-69-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:59 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.27.85
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:59 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=BC80FD9F07C32D5D7DA18F5002A604CC
Cache-Control: no-cache
X-Server: 10.45.15.163
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=BC80FD9F07C32D5D7DA18F5002A604CC

0
532 B

3126ms
21ms

Image
text/html

72.251.249.14
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=BC80FD9F07C32D5D7DA18F5002A604CC
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:59 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap1ams1
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Tue, 16 Jul 2019 12:28:56 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://ce.lijit.com/merge?pid=2&3pid=BC80FD9F07C32D5D7DA18F5002A604CC
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H2

204

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=BC80FD9F07C32D5D7DA18F5002A604CC

0
62 B

3220ms
138ms

Image
text/plain

34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=BC80FD9F07C32D5D7DA18F5002A604CC
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 16 Jul 2019 12:29:00 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

date: Tue, 16 Jul 2019 12:28:56 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://idsync.rlcdn.com/419566.gif?partner_uid=BC80FD9F07C32D5D7DA18F5002A604CC
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9201915418
https://d.agkn.com/pixel/5502/?sk=164860503118000342802&pd=&l0=https://um.simpli.fi/aa_px?sk=164860503118000342802
https://um.simpli.fi/aa_px?sk=164860503118000342802

43 B
228 B

20ms
18ms

Image
image/gif

159.253.128.188
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/aa_px?sk=164860503118000342802
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: bc.80.fd9f.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:57 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:56 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164860503118000342802
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1563280134790&cv=7&fst=1563280134790&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=f...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=...

42 B
110 B

23ms
22ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=CMMtXeayNMTm3wP3_Y64Bw&random=2189339049&ipr=y

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:56 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1561544261&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&cdct=2&is_vtc=1&ocp_id=CMMtXeayNMTm3wP3_Y64Bw&random=2189339049&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=BC80FD9F07C32D5D7DA18F5002A604CC
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=BC80FD9F07C32D5D7DA18F5002A604CC&__user_check__=1&sync_id=48cd110d-a7c5-11e9-8086-1f057aaa0e06

43 B
525 B

22ms
22ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=BC80FD9F07C32D5D7DA18F5002A604CC&__user_check__=1&sync_id=48cd110d-a7c5-11e9-8086-1f057aaa0e06
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:28:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 42
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 16 Jul 2019 12:28:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: /partner?adv_id=7797&uid=BC80FD9F07C32D5D7DA18F5002A604CC&__user_check__=1&sync_id=48cd110d-a7c5-11e9-8086-1f057aaa0e06
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 131
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=BC80FD9F07C32D5D7DA18F5002A604CC

43 B
860 B

1077ms
19ms

Image
image/gif

185.33.223.218
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=BC80FD9F07C32D5D7DA18F5002A604CC

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.218 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:29:00 GMT
AN-X-Request-Uuid: bcc77b22-5be1-43fd-a78d-d66759de54b6
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 89.39.105.174; 89.39.105.174; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Tue, 16 Jul 2019 12:28:57 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://ib.adnxs.com/setuid?entity=66&code=BC80FD9F07C32D5D7DA18F5002A604CC
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/
Redirect Chain

https://um.simpli.fi/cw_match
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=BC80FD9F07C32D5D7DA18F5002A604CC

49 B
628 B

3117ms
42ms

Image
image/gif

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=BC80FD9F07C32D5D7DA18F5002A604CC
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 12:29:00 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 49
X-Served-By: cache-hhn4065-HHN
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
Cw-Server: bh-deployment-6cc768f58-s72d8
X-Cache-Hits: 0

Redirect headers

date: Tue, 16 Jul 2019 12:28:57 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=BC80FD9F07C32D5D7DA18F5002A604CC
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BC80FD9F07C32D5D7DA18F5002A604CC&expires=365

42 B
371 B

155ms
32ms

Image
image/gif

69.173.144.165
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BC80FD9F07C32D5D7DA18F5002A604CC&expires=365
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jul 2019 12:28:57 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: WceauyoFqYl2fOxhrsBsrA
Expires: 0

Redirect headers

date: Tue, 16 Jul 2019 12:28:58 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: *
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BC80FD9F07C32D5D7DA18F5002A604CC&expires=365
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BC80FD9F07C32D5D7DA18F5002A604CC
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=BC80FD9F07C32D5D7DA18F5002A604CC

43 B
256 B

20ms
19ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=BC80FD9F07C32D5D7DA18F5002A604CC
Requested by: Host: www.gp.com
URL: https://www.gp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.146.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:58 GMT
server: OXGW/16.146.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 16 Jul 2019 12:28:58 GMT
server: OXGW/16.146.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=BC80FD9F07C32D5D7DA18F5002A604CC
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEL1r_62qOzGXDBqmvaaY1ZY&google_cver=1
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BC80FD9F07C32D5D7DA18F5002A604CC
https://um.simpli.fi/g_match?id=

0
272 B

20ms
19ms

Image
text/plain

159.253.128.188
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: www.gp.com
URL: https://www.gp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 16 Jul 2019 12:28:57 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

pragma: no-cache
date: Tue, 16 Jul 2019 12:28:57 GMT
server: HTTP server (unknown)
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
analytics.twitter.com
api.cludo.com
bcp.crwdcntrl.net
bh.contextweb.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
load77.exelator.com
loadm.exelator.com
pbid.pro-market.net
pixel.rubiconproject.com
px.ads.linkedin.com
s.ytimg.com
secure.adnxs.com
snap.licdn.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
t.co
um.simpli.fi
us-u.openx.net
www.facebook.com
www.gapac.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gp.com
www.linkedin.com
www.youtube.com
104.111.241.32
104.244.42.195
104.244.42.69
147.75.102.200
151.101.112.157
151.101.112.166
159.253.128.188
169.50.137.176
172.217.16.162
172.217.21.226
173.241.240.143
18.194.129.92
185.33.223.200
185.33.223.218
185.94.180.126
195.181.175.9
206.220.177.254
212.95.239.234
2600:1901:0:8eee::
2a00:1450:4001:808::2004
2a00:1450:4001:814::200e
2a00:1450:4001:815::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2003
2a00:1450:4001:824::200a
2a00:1450:400c:c0b::9b
2a02:26f0:6c00:29b::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
34.202.244.152
34.205.245.130
34.95.92.78
35.156.60.27
35.177.239.109
69.173.144.165
72.251.249.14
99.81.69.137
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
130d7d156b574f280fc9526311c8a0ea847e6ed075217419364ec6aaa8385c4d
1570dded06259ba4b575ae7472e109bf9c59352d7d31435c485fa000f7cb6526
1719f6580a787e2868d91118ce6ba052eb179160a5e9cec05d846079a8d29b94
1f0a166a9d871f1e11e7f24c885812e39ece64afa502c72bfbb766568bc8013d
27e965672c944b3035b0a6904aa4bbba67eb93f934eff9f633ee243f7a07bfd9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3a59a7ed34c74d30db647be7613dfae4cf34aa5e0239f8fcb8efe15b1f0638e0
3c4c103e39af6e6a4e06539be16c56e1208e19bb9148a4df438345ac627107e7
3e7fc132cff12312f6a0cb1bd4a46c1b66e134b046e2e10aede9ce75fbb403e3
41f068b41c5f1bcb425cbeb45c7084284104886175a1bc1d6a362e5e2290e30c
481864cd3df440bc8fe18ea1ac88c686f6bbb1b7c5a6efebc4e19a3dcfb48a4d
48ad43b336f908b247d3162b98ed6362c292f44c781b5068d1bb04bf84e109de
499c1fdff3199794372fdce5bdd0f0d56140104457f01f87d5dcc143b3ac2b6a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51a4fe3b6048bf2baf5895a3b66f5e798d7f881649466d13bd8e8ad1601759c0
54b6cea4b68829685a05d7973fae7e24b9a35fcc1f00b332b66c8a1bfe2b9d61
601eacb67ee3ff944b4c98e43e49a70aff435fca669fb2cdef14dbf2ba8abff0
610985b5e6bc9bdd628d399a34768004b9ca0a7e1db76ecdd9171936ace82132
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
67dc02bf4b4d4f4d1c7f4b02a1a30685ab66440dad5ad2d199d4dcc4072565e3
713841f8c61718a1b858310c94b79643bd9104501f31c7ba92b473228ac39342
73eea4b6484c2f0de916f77e5fe3270ee472d56294ae870824c0ebe337bc7572
7635e8a9360ec657e938bf986a9517eb4f8f06d899c8b8f4f62af5cb2f6c6189
77991101b09a5d8b4438cadbc4466ac4b954f82bc6841128507db95074054139
8069dd321eae1e5ea747c2c75d713d1864612667330c5715a786ee69e38db491
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8670872a09ddde8a28fa1fcce6e80f71e78ceb8d3b8c09922bb0d7d8abfad073
8bcb1d5b7dc86d041b4f6e58de89ecadd65481559b688d52bcc64719aeaaf06b
9087926d250206f8028fbaed397502380165726ee12acb92c952ee47e6f0bc3b
92fc00b036a03838bf5e4efb6ce785144bfaf8eb379c0e661daaad708a939c04
9624d14733a85fd37bc3b4cfaaa78dc76c2a81a5ecf32d3342fd46595535d09d
96a59619e07e1f0b41603e0fa7088c0b4f1c45a191b4be1c7246a53cb05abd16
9dae157a87bc1472539e661b05534283e6e0276c5cdfa9f7d27a36c0c09d2fdf
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a66a6b675af35607bfd0d4c43104c4fcbe33e795e1d9123d4f447438a7bcf90f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acfc3f95806ad86712c283eafa368d3d23393e687cf2a25dc9102ec8cef7a016
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c6154bfdbc57a90fac6563e85120934d271ca98ec709147c99896b3e500b79cc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ced26106dd286b53848d95abebd29a5af8927e5c20efa27a2e5ed58714ce2f33
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc4291a1bd912621561e76e59e94cf4a3fd76520b18dae728dd4d6956a11c65
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1d6cc97c58877b134b36847c20ea6e3cdeb61bd326c7604ba839b4da83fa52d
d568385e79e3cc5c068f85d94ff786f2eee12432cd2110145ca58ba173bbb31a
d5ff60a380c9b39742e6a7263ea799db5050e06d4794f1770603b618f976164c
d985926060846ba345b5289640a8dc108a5756ec64aa37e5b00a05a2d1843239
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea0065980a6f5f2de3e36219bfd743b89939d87b71006ac81e9baf172e33ef98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19116e35e066d19b2699c85e6d70c249ddb49146974c37fb868d285f072bca5
f3f16377223045afa68497baba381fb3d1d86d82ac62773960d41d7889bb76f8
fa312ba27249f5aaffb43f1997558c30d2768f6823200ed7deb325b80aec78c9

www.gp.com Open in urlscan Pro 206.220.177.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

38 %IPv6

35 Domains

43 Subdomains

35 IPs

8 Countries

1201 kBTransfer

2240 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gp.com Open in urlscan Pro
206.220.177.254 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

38 %
IPv6

35
Domains

43
Subdomains

35
IPs

8
Countries

1201 kB
Transfer

2240 kB
Size

0
Cookies

79 HTTP transactions
0 data transactions