noteweekend.com Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rw176.keap-link005.com/v2/click/409122d9d6fa47a0f632f83f78277497/eJyNj00LgkAQhv_LnCXRUHNvIiKieYg6x6IDLeq6bGMi4n9vrfBU0H...
Effective URL:
https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Submission: On April 25 via manual (April 25th 2023, 7:20:22 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 21 domains to perform 61 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is noteweekend.com.
TLS certificate: Issued by R3 on March 16th 2023. Valid for: 3 months.

This is the only time noteweekend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.149.35.41 34.149.35.41	15169 (GOOGLE) (GOOGLE)
1 3	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.122.74 18.66.122.74	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
1	52.92.133.32 52.92.133.32	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:3108::ac42:28e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	54.243.70.123 54.243.70.123	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:d600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.205.24.151 52.205.24.151	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b140:da14:81b8:2274:6bb2	14618 (AMAZON-AES) (AMAZON-AES)
1	44.194.121.192 44.194.121.192	14618 (AMAZON-AES) (AMAZON-AES)
2	50.112.129.245 50.112.129.245	16509 (AMAZON-02) (AMAZON-02)
61	24

1 34.149.35.41 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 41.35.149.34.bc.googleusercontent.com

rw176.keap-link005.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.202.21.90 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

noteweekend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scottcarson.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net

widgets.bumpsale.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.133.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:28e6 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.70.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-70-123.compute-1.amazonaws.com

stats.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.24.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-24-151.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:da14:81b8:2274:6bb2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.121.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-121-192.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.112.129.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-129-245.us-west-2.compute.amazonaws.com

ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	862 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	110 KB
6	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 51834	3 KB
6	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 143	614 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 jnn-pa.googleapis.com — Cisco Umbrella Rank: 310	33 KB
4	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3443 idx.liadm.com — Cisco Umbrella Rank: 3099 rp.liadm.com — Cisco Umbrella Rank: 2091 rp4.liadm.com — Cisco Umbrella Rank: 5523	15 KB
4	center.io js.center.io — Cisco Umbrella Rank: 59011	15 KB
4	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 56229	183 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 static.doubleclick.net — Cisco Umbrella Rank: 390	1 KB
3	amazonaws.com s3-us-west-2.amazonaws.com ckjjzdn8vk.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 45667	49 KB
2	calendly.com assets.calendly.com — Cisco Umbrella Rank: 25975	17 KB
2	noteweekend.com 1 redirects noteweekend.com	27 KB
1	pusher.com stats.pusher.com — Cisco Umbrella Rank: 11039	75 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 209	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 108	29 KB
1	google.com www.google.com — Cisco Umbrella Rank: 16	14 KB
1	lpages.co scottcarson.lpages.co	41 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	17 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 87785	15 KB
1	bumpsale.co widgets.bumpsale.co	69 KB
1	keap-link005.com 1 redirects rw176.keap-link005.com	210 B
61	21

	Domain	Requested by
9	www.youtube.com	noteweekend.com www.youtube.com
6	api.leadpages.io	js.center.io embed.lpcontent.net
6	lh3.googleusercontent.com	noteweekend.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	js.center.io	noteweekend.com js.center.io scottcarson.lpages.co
4	static.leadpages.net	noteweekend.com static.leadpages.net scottcarson.lpages.co
2	ckjjzdn8vk.execute-api.us-west-2.amazonaws.com	s3-us-west-2.amazonaws.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	assets.calendly.com	noteweekend.com
2	fonts.googleapis.com	noteweekend.com scottcarson.lpages.co
2	noteweekend.com	1 redirects
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	idx.liadm.com	b-code.liadm.com
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	stats.pusher.com	widgets.bumpsale.co
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	scottcarson.lpages.co	embed.lpcontent.net
1	s3-us-west-2.amazonaws.com	noteweekend.com
1	cdnjs.cloudflare.com	noteweekend.com
1	embed.lpcontent.net	noteweekend.com
1	widgets.bumpsale.co	noteweekend.com
1	rw176.keap-link005.com	1 redirects
61	28

This site contains links to these domains. Also see Links.

Domain
calendly.com
rw176.infusionsoft.com
www.facebook.com
twitter.com
www.linkedin.com
instagram.com
youtube.com
pages.leadpages.net

Subject Issuer	Validity	Valid
noteweekend.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-04-25` - `2023-07-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
bumpsale.co Amazon RSA 2048 M01	`2023-03-01` - `2023-11-03`	8 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-04-11` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
js.center.io GTS CA 1D4	`2023-03-25` - `2023-06-23`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
calendly.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.lpages.co R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.pusher.com Gandi Standard SSL CA 2	`2023-04-11` - `2024-04-21`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon RSA 2048 M02	`2023-03-17` - `2023-07-31`	5 months	crt.sh

This page contains 5 frames:

Primary Page: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Frame ID: 5C9DC91F504EFB4684852EC18C9D5143
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JT9k7ujJ52o
Frame ID: 7FF41AC92333A85226085648A65C4F14
Requests: 21 HTTP requests in this frame

Frame: https://scottcarson.lpages.co/serve-leadbox/waFExEnPvLfxTaULHJYz8d/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Frame ID: BDE14708A8698DFAEC644018D9889700
Requests: 5 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: BC62C55139DBF9C0A0D2284CE081D08D
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 7FA0FAEE1CA28599E48B1149BF910A28
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Note Weekend

Page URL History Show full URLs

https://rw176.keap-link005.com/v2/click/409122d9d6fa47a0f632f83f78277497/eJyNj00LgkAQhv_LnCXRUHNvIiKieYg6x6... HTTP 303
http://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b083... HTTP 301
https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b083... Page URL

Detected technologies

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

61
Requests

97 %
HTTPS

60 %
IPv6

21
Domains

28
Subdomains

24
IPs

2
Countries

2116 kB
Transfer

5081 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://calendly.com/1scottcarson/30-minute-meeting
Title: .css-1m3wyde{display:inline-block;vertical-align:middle;max-width:1080px;}@media (max-width:530px){.site-header .composite .widget .css-1m3wyde{max-width:calc(100% - 80px);}}

Search URL Search Domain Scan URL

URL: https://rw176.infusionsoft.com/app/manageCart/addProduct?productId=133
Title: .css-12tbp2t{display:inline-block;vertical-align:middle;max-width:600px;}@media (max-width:530px){.site-header .composite .widget .css-12tbp2t{max-width:calc(100% - 80px);}}

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1scottcarson/
Title: .css-4e78w1{position:absolute;height:1px;width:1px;overflow:hidden;-webkit-clip:rect(1px 1px 1px 1px);clip:rect(1px 1px 1px 1px);-webkit-clip:rect(1px,1px,1px,1px);clip:rect(1px,1px,1px,1px);white-space:nowrap;}Share on Facebook.css-168f5rq{color:white;}

Search URL Search Domain Scan URL

URL: https://twitter.com/1scottcarson
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/1scottcarson/
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: http://instagram.com/1scottcarson
Title: Share on Instagram

Search URL Search Domain Scan URL

URL: http://youtube.com/weclosenotes
Title: Share on Youtube

Search URL Search Domain Scan URL

URL: https://pages.leadpages.net/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rw176.keap-link005.com/v2/click/409122d9d6fa47a0f632f83f78277497/eJyNj00LgkAQhv_LnCXRUHNvIiKieYg6x6IDLeq6bGMi4n9vrfBU0HHej2d4ZyCUXFJWAwM9OoEPFmishBIoKe4l8eplum7gek5oQStkk-p-UMDmb-XNX9WD7-89C2hSaCLnUxTnWZlei6zMTVRxbZ78wwkDx9tvnOQYZQUsy08wdoKSh2HfgZEecJ1UCzOLLro1-RuRYrYte8IRsUFZ76q-M0WulDk-s3Oc3vXlCXh2Xvs= HTTP 303
http://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e HTTP 301
https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 54

https://rp.liadm.com/j?dtstmp=1682450416598&se=e30&duid=a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh&tna=v2.7.1&pu=https%3A%2F%2Fnoteweekend.com%2F%3Finf_contact_key%3D5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e&wpn=lc-bundle HTTP 302
https://rp4.liadm.com/j?dtstmp=1682450416598&se=e30&duid=a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh&tna=v2.7.1&pu=https%3A%2F%2Fnoteweekend.com%2F%3Finf_contact_key%3D5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
noteweekend.com/
Redirect Chain

https://rw176.keap-link005.com/v2/click/409122d9d6fa47a0f632f83f78277497/eJyNj00LgkAQhv_LnCXRUHNvIiKieYg6x6IDLeq6bGMi4n9vrfBU0HHej2d4ZyCUXFJWAwM9OoEPFmishBIoKe4l8eplum7gek5oQStkk-p-UMDmb-XNX9WD7-89...
http://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

146 KB
27 KB

525ms
256ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

b930f2def0adb9b59a1bb48f373cde6450e30ca9860010c39e8360ccd5deb7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 25 Apr 2023 19:20:15 GMT
etag: W/"2ba8a40998261607c0caa2697158ffa9"
last-modified: Wed, 15 Mar 2023 14:54:34 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Tue, 25 Apr 2023 19:20:14 GMT
Location: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Server: Leadpages
Strict-Transport-Security: max-age=15768000

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 84ms
24ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 10:02:13 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 465482
etag: "WOrHtA"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: e3da7fb3ad89bfbde3ba2285d45a9097
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Fri, 19 Apr 2024 10:02:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Montserrat:300,400,500,700

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b05669c78669c5f8c2caf61ba53d7bc1d218c13f68555c5c74f0a3771ee1a8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 19:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 18:46:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 19:20:15 GMT

GET
H/1.1 200
OK button.js Show response
widgets.bumpsale.co/ 69 KB
69 KB 111ms
37ms Script
application/javascript 18.66.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.bumpsale.co/button.js
Requested by: Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e64724fb8d8c97187acc11e7bd6c0727e11f2f7ad343c620237ce3be16759c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 16:09:46 GMT
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
Last-Modified: Fri, 11 Dec 2020 16:26:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 11430
ETag: "6d67afc341013b324ff0508cf4bf64ac"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70611
X-Amz-Cf-Id: rWi5KGYJCWrP2gl84j9UDJhjB1gxoh-vh3AKBXGY6U_fF6TBt3sFCg==

GET
H2 200 Lz4Lij9pJNRdgqaaXGTppX01OTIqfaiGnNDOQXniSUQ3Ekb25VJ8JT7soQr5IieaJF6nLHFdjuPQTvfk4LKheg=s0
lh3.googleusercontent.com/ 44 KB
44 KB 511ms
461ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Lz4Lij9pJNRdgqaaXGTppX01OTIqfaiGnNDOQXniSUQ3Ekb25VJ8JT7soQr5IieaJF6nLHFdjuPQTvfk4LKheg=s0

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e22a478987591ef6283afbf94670419a70b7225823051b686d754bdb2b0d06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45280
x-xss-protection: 0
expires: Wed, 26 Apr 2023 19:20:16 GMT

GET
H2 200 TN0yiND2KNMoeMEF0wQpZFcj_Yy3Wo5h6RNmpX16qMIq4sN75mL-LRoVgSfL7DVCE8Yg8uiMbW_f96_kMGoJiT3xyNhPpDKeGjPi=w16
lh3.googleusercontent.com/ 801 B
1 KB 457ms
408ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TN0yiND2KNMoeMEF0wQpZFcj_Yy3Wo5h6RNmpX16qMIq4sN75mL-LRoVgSfL7DVCE8Yg8uiMbW_f96_kMGoJiT3xyNhPpDKeGjPi=w16

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

810ee0a53a4663092d322fcbd080f63e0d4c18e9c889fdac04a7a8362969c0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 801
x-xss-protection: 0
expires: Wed, 26 Apr 2023 19:20:16 GMT

GET
H2 200 DpQIhzUPUE_uKVjODe1TFyA38qL1TGoqiNVstiRzpNA3U4dHCbccgFNxcgrOJA8EMSCLLIUeqyM-XwvVITUIXA=w16
lh3.googleusercontent.com/ 1 KB
1 KB 461ms
412ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/DpQIhzUPUE_uKVjODe1TFyA38qL1TGoqiNVstiRzpNA3U4dHCbccgFNxcgrOJA8EMSCLLIUeqyM-XwvVITUIXA=w16

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6852b3271698470b318ed624a2b9b0bf097eff85f56fb251cc2f8cf3dce0b79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1068
x-xss-protection: 0
expires: Wed, 26 Apr 2023 19:20:16 GMT

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 83ms
23ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:16:11 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 244
etag: "WOrHtA"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 5bb185f46964b304f09311cd7fc9bcf0
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Tue, 25 Apr 2023 19:21:11 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/ 57 KB
17 KB 75ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1729356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16963
last-modified: Wed, 20 May 2020 06:50:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ec4d334-e5ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQwpsZPFFIe987rgSygSTF0RfchDGobPULro%2BUXibKPxMrHlMEYBBw7kFHWEYBIZcnUux4TbapRMPJkRdpimmvVIjdfXZ9HWZGImNq7Ig0nvkgEvExds5DOAEMkJve2ot5cndKZJSBCFk%2ByB609RfCwZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bd8f13999839268-FRA
expires: Sun, 14 Apr 2024 19:20:15 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 102ms
35ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:17:24 GMT
content-encoding: gzip
server: Google Frontend
age: 171
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 518bae284eaacaf6f6e04541ebc0f131
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 25 Apr 2023 19:22:24 GMT

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/DY4HZ93/ 48 KB
49 KB 615ms
218ms Script
application/javascript 52.92.133.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/DY4HZ93/ge.js
Requested by: Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.133.32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02f770f564732860cc3a52656296c4fb18b4fcd67be1995625b17428b731809b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 19:20:17 GMT
Last-Modified: Mon, 10 Apr 2023 22:22:45 GMT
Server: AmazonS3
x-amz-request-id: JPJ61P2RWAMNPZJ3
ETag: "2b03053dc51f3f77742b9848d60c28a6"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 49235
x-amz-id-2: cN2e/JJgyscsP96VC1+EC1vZVmIimZ8o5hy05Y89okAi1UACD1uA3ReTMh1JW8OxKi7bH4ODeyk=
Expires: Wed, 10 May 2023 22:22:43 GMT

GET
H2 200 LACwzqrwDC4-Bt_ugm0196zprkfWSNewrrDTIf8-Z4pQXW9Pkb8l2N4ivh9jNqYKWj1WEybAveB1oNm1SiRd61k=w16
lh3.googleusercontent.com/ 456 B
518 B 533ms
486ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LACwzqrwDC4-Bt_ugm0196zprkfWSNewrrDTIf8-Z4pQXW9Pkb8l2N4ivh9jNqYKWj1WEybAveB1oNm1SiRd61k=w16

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd70a44ddf14bc1e1531e71f607404abac20a4d51008ebc057cf224c9d2ba2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 456
x-xss-protection: 0
expires: Wed, 26 Apr 2023 19:20:16 GMT

GET
H2 200 JT9k7ujJ52o Show response
www.youtube.com/embed/ Frame 7FF4 73 KB
31 KB 161ms
98ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JT9k7ujJ52o

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

120f24a6724da87af8a2e98f2fadc719728a403016a199090756448f5f369e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noteweekend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 19:20:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Montserrat:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://noteweekend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 306600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:10:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Montserrat:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://noteweekend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 305851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:22:44 GMT

GET
H3 200 fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 78 KB
78 KB 72ms
26ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: https://noteweekend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:11:30 GMT
via: 1.1 google
server: Google Frontend
age: 493725
etag: "WOrHtA"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: e4993f8e31e69aea68e6078e2c132cb1
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80148
expires: Fri, 19 Apr 2024 02:11:30 GMT

GET
H3 200 fa-brands-400.woff2
static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 67ms
22ms Font
font/woff2 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

Referer: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Origin: https://noteweekend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:43:23 GMT
via: 1.1 google
server: Google Frontend
age: 409012
etag: "WOrHtA"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-cloud-trace-context: 4725fd9d453eb7177ad3f484e8bb0d3f
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77400
expires: Sat, 20 Apr 2024 01:43:23 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 91ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Montserrat:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://noteweekend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:31:37 GMT
x-content-type-options: nosniff
age: 262118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 18:31:37 GMT

GET
H2 200 widget.css
assets.calendly.com/assets/external/ 2 KB
1 KB 250ms
204ms Stylesheet
text/css 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.css

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb209ef6d7ca07243d60aa46a83865255672006c403b988209cfbb6eacf88a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 261
cf-polished: origSize=3459
last-modified: Thu, 20 Apr 2023 20:34:24 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4818473200224c9f9497adef8d7685bc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 7bd8f13a2a719bbc-FRA
expires: Wed, 26 Apr 2023 19:20:15 GMT

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 44 KB
16 KB 356ms
310ms Script
application/javascript 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f410a3f7fd756255808c81acc7244e4682a90f15e941a1eba37065aa6cf7abd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 18:20:34 GMT
cf-bgj: minify
server: cloudflare
age: 103
etag: W/"5ba33f379a2674de9ffc1cb27f39d7d6"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 7bd8f13a2a739bbc-FRA
expires: Wed, 26 Apr 2023 19:20:15 GMT

GET
H2 200 / Show response
scottcarson.lpages.co/serve-leadbox/waFExEnPvLfxTaULHJYz8d/ Frame BDE1 182 KB
41 KB 563ms
260ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://scottcarson.lpages.co/serve-leadbox/waFExEnPvLfxTaULHJYz8d/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

d4d373d6c16c97c3d9ec3d5e57476d0f409c9e80e6c06dedfc2507991d04bfea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://noteweekend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 25 Apr 2023 19:20:16 GMT
etag: W/"a6d992ed0e2dc830b0c5a376120e1f05"
last-modified: Wed, 15 Mar 2023 14:54:37 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 LACwzqrwDC4-Bt_ugm0196zprkfWSNewrrDTIf8-Z4pQXW9Pkb8l2N4ivh9jNqYKWj1WEybAveB1oNm1SiRd61k=h1634-c
lh3.googleusercontent.com/ 457 KB
458 KB 522ms
522ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LACwzqrwDC4-Bt_ugm0196zprkfWSNewrrDTIf8-Z4pQXW9Pkb8l2N4ivh9jNqYKWj1WEybAveB1oNm1SiRd61k=h1634-c

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b94377478f81f905893ee042012ed7057dc8b01299a76120f7db54f2248e69ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 468315
x-xss-protection: 0
expires: Wed, 26 Apr 2023 19:20:16 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame BC62 4 KB
2 KB 31ms
31ms Document
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://noteweekend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 25 Apr 2023 19:19:03 GMT
etag: "OMWYXg"
expires: Tue, 25 Apr 2023 19:24:03 GMT
server: Google Frontend
x-cloud-trace-context: 589b542041b41a7a153d17a553706230

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
664 B 433ms
144ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=6GFXm6ihfyxe4YKbb8f4rQ&v=&e=&st=&lc=en-US&pid=i9Msjs8VjsFjpcoKuhtQ7R&uid=z3wCqn78tuWqoJNeyRKxqT&sid=yAy8dG4BMjkEE8xRKYQu7n&cid=lp-6GFXm6ihfyxe4YKbb8f4rQ&uri=https%3A%2F%2Fnoteweekend.com%2F%3Finf_contact_key%3D5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 19:20:16 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://noteweekend.com
X-Forwarded-For: 217.114.218.21
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00hvmgovs8tknjp3mop0

GET
H2 200 www-player.css
www.youtube.com/s/player/d87d581f/ Frame 7FF4 400 KB
51 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40fba0019ff3cd5ef1ad3797b7b223a9f434ccf632b89f322241ef51434a389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 17:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52077
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Apr 2024 17:41:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7FF4 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 248172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:24:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7FF4 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 247124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:41:31 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d87d581f/www-embed-player.vflset/ Frame 7FF4 355 KB
110 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d179f0e69da4cb3808800bac82c6be701f77b395677dd09621e8009680a960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 18:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112492
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Apr 2024 18:47:35 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/ Frame 7FF4 2 MB
622 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc467c312a15005618c8c6b173f0e56ceac1b8d090cb65011457fbff00c45434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:25:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 636851
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Apr 2024 14:25:33 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d87d581f/fetch-polyfill.vflset/ Frame 7FF4 9 KB
3 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Apr 2024 19:12:16 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7FF4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

41ms
33ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bd8f410b2bf41edb80bd080ec4f35b8519935b3809c1004597540f957380ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7FF4 29 B
495 B 107ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:14:40 GMT
x-content-type-options: nosniff
age: 336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Apr 2023 19:29:40 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 102ms
33ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 25 Apr 2023 19:20:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7FF4 66 KB
30 KB 41ms
41ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

badabcaa20a8c50b59a3be4897cb6c85332e43ed4e861b756552cd03d4bbf587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30859
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/ Frame 7FF4 116 KB
36 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c82ac4e98af53271fb8168ec3a928368e436a9109bd3551b4075cf9522d277d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 276368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36573
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Apr 2024 14:34:08 GMT

GET
H2 200 n7MGVF3kyNWz2oksCmxFbvce_P6cfZxiCNxSfWAcPT8.js Show response
www.google.com/js/th/ Frame 7FF4 36 KB
14 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/n7MGVF3kyNWz2oksCmxFbvce_P6cfZxiCNxSfWAcPT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb306545de4c8d5b3da892c0a6c456ef71efcfe9c7d9c6208dc527d601c3d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14092
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 17:58:37 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/JT9k7ujJ52o/ Frame 7FF4 28 KB
29 KB 118ms
68ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/JT9k7ujJ52o/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2e248c39295ce15fd1d251ac327aca7eb4ef1863c882f115f77f4e52dff138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
server: sffe
etag: "1655233705"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29134
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 25 Apr 2023 21:20:16 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/ Frame 7FF4 29 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca23d7dd19f4e069e1188fb446a1e53840ccb61d6685ce3383f5dba23770447f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9037
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Apr 2024 17:07:47 GMT

GET
DATA 200
OK truncated
/ Frame 7FF4 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqPq6c4NiDxheXt84EIZegW8X-gwA_274GWKN48jrQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7FF4 3 KB
3 KB 37ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqPq6c4NiDxheXt84EIZegW8X-gwA_274GWKN48jrQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9059682b053807d16e59e8decfe82208f3c1475ea7678c5c823bbf3d2c83e8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 18:58:05 GMT
x-content-type-options: nosniff
age: 1331
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3178
x-xss-protection: 0
server: fife
etag: "v89"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Apr 2023 18:58:05 GMT

GET
H2 200 TN0yiND2KNMoeMEF0wQpZFcj_Yy3Wo5h6RNmpX16qMIq4sN75mL-LRoVgSfL7DVCE8Yg8uiMbW_f96_kMGoJiT3xyNhPpDKeGjPi=w458
lh3.googleusercontent.com/ 110 KB
110 KB 212ms
212ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TN0yiND2KNMoeMEF0wQpZFcj_Yy3Wo5h6RNmpX16qMIq4sN75mL-LRoVgSfL7DVCE8Yg8uiMbW_f96_kMGoJiT3xyNhPpDKeGjPi=w458

Requested by

Host: noteweekend.com
URL: https://noteweekend.com/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bbb02d61a169ffc1c744ef1856ce4099ee7076df4b18334b64def70bcfefb976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112265
x-xss-protection: 0
expires: Wed, 26 Apr 2023 19:20:16 GMT

GET
H2 200 1 Show response
stats.pusher.com/timeline/v2/jsonp/ 0
75 B 364ms
114ms Script
application/javascript 54.243.70.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.pusher.com/timeline/v2/jsonp/1?session=NDQ2NzgzNzYz&bundle=MQ%3D%3D&key=YjdkZjcyYzBlYTg0YzQ3NmQ0NTk%3D&lib=anM%3D&version=NC4yLjI%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2ODI0NTA0MTU2NjR9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjgyNDUwNDE1NjY0fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjgyNDUwNDE1NjY0fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTY4MjQ1MDQxNTY2NH0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTY4MjQ1MDQxNTY2NX0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTY4MjQ1MDQxNjE1OH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiI0NDUxNzQuMzg0MDYxNzAifSwidGltZXN0YW1wIjoxNjgyNDUwNDE2MTY3fV0%3D
Requested by: Host: widgets.bumpsale.co
URL: https://widgets.bumpsale.co/button.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.70.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-70-123.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
server: awselb/2.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7FF4 4 KB
2 KB 92ms
32ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 19:20:16 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7FF4 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ukJiQQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/JT9k7ujJ52o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
30ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 25 Apr 2023 19:20:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7FF4 90 B
134 B 33ms
33ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fab5657d66fcdbea9614f3823714ad4ecfaa82e29d5cbb84960899716e207780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
439 B 393ms
133ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=hp8Qy499jCCuXrjutegCD9&kind=text,timer&label=lb_embed_leadbox_embedded,lb_embed_embed_script_load&value=waFExEnPvLfxTaULHJYz8d,161.39999771118164
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 19:20:16 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://noteweekend.com
X-Forwarded-For: 217.114.218.21
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00hvnkofqvb2cqojj3hg

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame BDE1 58 KB
14 KB 24ms
23ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: scottcarson.lpages.co
URL: https://scottcarson.lpages.co/serve-leadbox/waFExEnPvLfxTaULHJYz8d/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 10:02:13 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 465483
etag: "WOrHtA"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: e3da7fb3ad89bfbde3ba2285d45a9097
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Fri, 19 Apr 2024 10:02:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BDE1 8 KB
835 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: scottcarson.lpages.co
URL: https://scottcarson.lpages.co/serve-leadbox/waFExEnPvLfxTaULHJYz8d/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scottcarson.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 19:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 18:03:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 19:20:16 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/112/ Frame 7FF4 50 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/112/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 09:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 16:06:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 26 Apr 2023 09:44:02 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame BDE1 12 KB
5 KB 34ms
33ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: scottcarson.lpages.co
URL: https://scottcarson.lpages.co/serve-leadbox/waFExEnPvLfxTaULHJYz8d/?inf_contact_key=5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scottcarson.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:18:57 GMT
content-encoding: gzip
server: Google Frontend
age: 79
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: ee222433f981e0f9324548a1412aa947
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 25 Apr 2023 19:23:57 GMT

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 42 KB
13 KB 87ms
23ms Script
application/javascript 2600:9000:223c:d600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/DY4HZ93/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e777dc35614fb617e7c6b15dd36bb357041cdd58a8842d961c6c89418b01dbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 01:41:28 GMT
content-encoding: gzip
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 63528
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: waIt65aHd0FPLLqIWuiibBZy-bWO3Wp_dlvPFq7-D9IhlOjLSdcz3g==

GET
H2 200 identify.html Show response
js.center.io/ Frame 7FA0 4 KB
2 KB 31ms
31ms Document
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://scottcarson.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 295
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 25 Apr 2023 19:15:21 GMT
etag: "OMWYXg"
expires: Tue, 25 Apr 2023 19:20:21 GMT
server: Google Frontend
x-cloud-trace-context: 40f3ab41a589119f9ffb7b1e3e376544

GET
H2 200 72731 Show response
idx.liadm.com/idex/unknown/ 42 B
419 B 362ms
122ms XHR
application/json 52.205.24.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.24.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-24-151.compute-1.amazonaws.com

Software

Resource Hash

c6fa99a3cf7e7aa65b184b4b57639f44684a38fa3ec68c182827523715a1457a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 10
content-type: application/json
access-control-allow-origin: https://noteweekend.com
access-control-allow-credentials: true
trace-id: e3dc2b140210563d
content-length: 42
expires: Wed, 26 Apr 2023 19:20:16 GMT

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
356 B 134ms
134ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=1,268,256,525,8,528,721,728,1597,1616
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 19:20:16 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 217.114.218.21
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00hvmgt4np7b32s7mncg

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1682450416598&se=e30&duid=a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh&tna=v2.7.1&pu=https%3A%2F%2Fnoteweekend.com%2F%3Finf_contact_key%3D5bc08ee2d365e048843b155097cfdd716...
https://rp4.liadm.com/j?dtstmp=1682450416598&se=e30&duid=a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh&tna=v2.7.1&pu=https%3A%2F%2Fnoteweekend.com%2F%3Finf_contact_key%3D5bc08ee2d365e048843b155097cfdd71...

13 B
552 B

392ms
126ms

XHR
application/json

44.194.121.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1682450416598&se=e30&duid=a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh&tna=v2.7.1&pu=https%3A%2F%2Fnoteweekend.com%2F%3Finf_contact_key%3D5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true

Protocol

Server

44.194.121.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-121-192.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:20:17 GMT
x-pixel-event-id: 362519c9-8561-4c45-b3f3-7ed1ae2a0bfb
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 9
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 8fb5e19e64679f4e
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 25 Apr 2023 19:20:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1682450416598&se=e30&duid=a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh&tna=v2.7.1&pu=https%3A%2F%2Fnoteweekend.com%2F%3Finf_contact_key%3D5bc08ee2d365e048843b155097cfdd716788fa119d7a85871833ad8b0831730e&wpn=lc-bundle&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjI%3D&n3pc=true
access-control-allow-origin: https://noteweekend.com
request-time: 0
access-control-allow-credentials: true
trace-id: 019ea788c5b8e172
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 200 li
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ Frame 0
0 610ms
198ms Preflight
application/json 50.112.129.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.129.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-129-245.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://noteweekend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 25 Apr 2023 19:20:17 GMT
x-amz-apigw-id: D8stxEACvHcFp8w=
x-amzn-requestid: 7551e59f-734f-496d-b2d5-b7da517a6dac

POST
H2 200 li Show response
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/ 312 B
516 B 204ms
203ms Fetch
application/json 50.112.129.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckjjzdn8vk.execute-api.us-west-2.amazonaws.com/li
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/DY4HZ93/ge.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.129.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-129-245.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6f69ca392e8d4033cc2f77e13bc312b7f171990e8e530af33df04b30fd09166e

Request headers

Referer: https://noteweekend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 25 Apr 2023 19:20:17 GMT
x-amzn-trace-id: Root=1-644827f1-6047f694586d33e54d455619
x-amzn-requestid: 04c2cbc5-d460-495b-892c-65117f6a1ed8
content-length: 312
x-amz-apigw-id: D8stzE5UPHcFvjg=
content-type: application/json

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
439 B 131ms
130ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=hp8Qy499jCCuXrjutegCD9&kind=timer&label=lb_embed_leadbox_load&value=750
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 19:20:16 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://noteweekend.com
X-Forwarded-For: 217.114.218.21
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00hvnkr9o343vgvvb5q0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7FF4 28 B
54 B 40ms
40ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Goog-Request-Time: 1682450418362
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/JT9k7ujJ52o
X-YouTube-Client-Version: 1.20230418.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1VW1ORzNOUmZWVSjvz6CiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682450415864&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C504%2C283&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 25 Apr 2023 19:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 25 Apr 2023 19:20:18 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
439 B 132ms
132ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=iV444FTs5pDYPWmVngngu7&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=105.10000228881836,59.099998474121094,1,434.9000015258789
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://noteweekend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 19:20:20 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://noteweekend.com
X-Forwarded-For: 217.114.218.21
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00hvmhprp1aoibesi5ug

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame BDE1 35 B
445 B 133ms
132ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=eQr3Q9sHj4NzYU4mMHCsz3&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=36.79999923706055,41,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scottcarson.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 25 Apr 2023 19:20:20 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://scottcarson.lpages.co
X-Forwarded-For: 217.114.218.21
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00hvmhrbeb7eeifbcuq0

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 11:22:16	Name: view.i9Msjs8VjsFjpcoKuhtQ7R.6GFXm6ihfyxe4YKbb8f4rQ Value: 1682450416000
js.center.io/	1970-01-20 20:56:50	Name: centerVisitorId Value: z3wCqn78tuWqoJNeyRKxqT
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Wa5D0QSCIoo
.youtube.com/	1970-01-20 15:40:02	Name: VISITOR_INFO1_LIVE Value: uUmNG3NRfVU
.calendly.com/	1970-01-20 11:20:52	Name: __cf_bm Value: juY5fizEbKcYsyqOyVi56Vm8_SLxfZ6ccUA_lYJwbCQ-1682450415-0-AVUmOXpKFsShIl2pwvZyHk7W60n0QkRB6wPAAp/4zNNXzO9Zze2LhoZ+mGpXgss0F8bxWIsH29OwgqWMdLVAdIw=
.noteweekend.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .noteweekend.com
.noteweekend.com/	1970-01-20 20:56:50	Name: _lc2_fpi Value: a8fde2a3b9ba--01gywxr0tvgt70v90ra9127ekh
noteweekend.com/	1970-01-20 12:04:02	Name: _geps Value: true
.noteweekend.com/	1970-01-20 11:22:16	Name: __li_idex_cache_eyJxZiI6MCwicmVzb2x2ZSI6Im1kNSJ9 Value: {%22md5%22:%22481e3eb8826b4cbd27318277d0a19ec4%22}
.liadm.com/	1970-01-20 20:56:50	Name: lidid Value: 14854610-1bd5-4a0f-b515-94cb7a0eac08

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
assets.calendly.com
b-code.liadm.com
cdnjs.cloudflare.com
ckjjzdn8vk.execute-api.us-west-2.amazonaws.com
embed.lpcontent.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
idx.liadm.com
jnn-pa.googleapis.com
js.center.io
lh3.googleusercontent.com
noteweekend.com
rp.liadm.com
rp4.liadm.com
rw176.keap-link005.com
s3-us-west-2.amazonaws.com
scottcarson.lpages.co
static.doubleclick.net
static.leadpages.net
stats.pusher.com
widgets.bumpsale.co
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
18.66.122.74
2001:4860:4802:32::15
2600:1f18:730:b140:da14:81b8:2274:6bb2
2600:9000:223c:d600:8:8845:1500:93a1
2606:4700:3108::ac42:28e6
2606:4700::6811:190e
2a00:1450:4001:800::200e
2a00:1450:4001:803::2006
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:813::2016
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
34.107.203.240
34.149.35.41
35.192.151.63
35.202.21.90
44.194.121.192
50.112.129.245
52.205.24.151
52.92.133.32
54.243.70.123
02f770f564732860cc3a52656296c4fb18b4fcd67be1995625b17428b731809b
0bd8f410b2bf41edb80bd080ec4f35b8519935b3809c1004597540f957380ece
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
120f24a6724da87af8a2e98f2fadc719728a403016a199090756448f5f369e95
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1c82ac4e98af53271fb8168ec3a928368e436a9109bd3551b4075cf9522d277d
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
21e64724fb8d8c97187acc11e7bd6c0727e11f2f7ad343c620237ce3be16759c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40fba0019ff3cd5ef1ad3797b7b223a9f434ccf632b89f322241ef51434a389b
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4e777dc35614fb617e7c6b15dd36bb357041cdd58a8842d961c6c89418b01dbd
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b2e248c39295ce15fd1d251ac327aca7eb4ef1863c882f115f77f4e52dff138
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6852b3271698470b318ed624a2b9b0bf097eff85f56fb251cc2f8cf3dce0b79d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f69ca392e8d4033cc2f77e13bc312b7f171990e8e530af33df04b30fd09166e
7e22a478987591ef6283afbf94670419a70b7225823051b686d754bdb2b0d06d
810ee0a53a4663092d322fcbd080f63e0d4c18e9c889fdac04a7a8362969c0a0
9059682b053807d16e59e8decfe82208f3c1475ea7678c5c823bbf3d2c83e8e0
9fb306545de4c8d5b3da892c0a6c456ef71efcfe9c7d9c6208dc527d601c3d3f
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b05669c78669c5f8c2caf61ba53d7bc1d218c13f68555c5c74f0a3771ee1a8c2
b930f2def0adb9b59a1bb48f373cde6450e30ca9860010c39e8360ccd5deb7a8
b94377478f81f905893ee042012ed7057dc8b01299a76120f7db54f2248e69ef
badabcaa20a8c50b59a3be4897cb6c85332e43ed4e861b756552cd03d4bbf587
bbb02d61a169ffc1c744ef1856ce4099ee7076df4b18334b64def70bcfefb976
c3d179f0e69da4cb3808800bac82c6be701f77b395677dd09621e8009680a960
c6fa99a3cf7e7aa65b184b4b57639f44684a38fa3ec68c182827523715a1457a
ca23d7dd19f4e069e1188fb446a1e53840ccb61d6685ce3383f5dba23770447f
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d4d373d6c16c97c3d9ec3d5e57476d0f409c9e80e6c06dedfc2507991d04bfea
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc467c312a15005618c8c6b173f0e56ceac1b8d090cb65011457fbff00c45434
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f410a3f7fd756255808c81acc7244e4682a90f15e941a1eba37065aa6cf7abd7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fab5657d66fcdbea9614f3823714ad4ecfaa82e29d5cbb84960899716e207780
fcb209ef6d7ca07243d60aa46a83865255672006c403b988209cfbb6eacf88a6
fd70a44ddf14bc1e1531e71f607404abac20a4d51008ebc057cf224c9d2ba2c7

noteweekend.com Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

60 %IPv6

21 Domains

28 Subdomains

24 IPs

2 Countries

2116 kBTransfer

5081 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

noteweekend.com Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

60 %
IPv6

21
Domains

28
Subdomains

24
IPs

2
Countries

2116 kB
Transfer

5081 kB
Size

10
Cookies

61 HTTP transactions
1 data transactions