urlscan.io logo urlscan.io
SecurityTrails logo

www.placesleisure.org Open in urlscan Pro
168.63.53.239  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.placesleisure.org/
Submission: On March 16 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 6 countries across 10 domains to perform 23 HTTP transactions. The main IP is 168.63.53.239, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.placesleisure.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 2nd 2019. Valid for: a year.
This is the only time www.placesleisure.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    168.63.53.239 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.placesleisure.org
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    147.75.84.39 (Parsippany, United States)

ASN54825 (PACKET, US)
static.hotjar.com
4    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
pfpl-new-cdn.azureedge.net
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    147.75.100.69 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16
script.hotjar.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12
vars.hotjar.com
Domain Requested by
7 www.placesleisure.org www.placesleisure.org
4 www.facebook.com www.placesleisure.org
4 www.google-analytics.com 1 redirects www.googletagmanager.com
3 connect.facebook.net www.placesleisure.org
connect.facebook.net
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de www.placesleisure.org
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 pfpl-new-cdn.azureedge.net www.placesleisure.org
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com www.placesleisure.org
23 12
Subject Issuer Validity Valid
*.placesleisure.org
Go Daddy Secure Certificate Authority - G2		 2019-06-02 -
2020-08-01		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.placesleisure.org/
Frame ID: 12BEA1282BAF1441BD08EB1C79645533
Requests: 22 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 4B84E930FE527EE24508AC7CEE9FBEBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

23
Requests

100 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

10
IPs

6
Countries

821 kB
Transfer

3022 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1786611746&t=pageview&_s=1&dl=https%3A%2F%2Fwww.placesleisure.org%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%93%20Places%20Leisure&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=666456469&gjid=28326809&cid=1927206208.1584375026&tid=UA-17525365-1&_gid=151193161.1584375026&_r=1&gtm=2wg3405V4P7PX&z=47298939 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_gid=151193161.1584375026&gjid=28326809&_v=j81&z=47298939 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_v=j81&z=47298939 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_v=j81&z=47298939&slf_rd=1&random=3404960924

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.placesleisure.org/ 		858 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.63.53.239 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
452edef076746fa9728ecf245547ac71e096e3420b7f1f7c6daf881d4d1bf740
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.placesleisure.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
private
content-length
26061
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
set-cookie
__RequestVerificationToken=8sR8LYae6S8ikq0crDw8kZVTlBbn3WvyNS8vrlqL0TGEdXDCltnLsZWYC_Dnbo4QCXrlh5ePT9odvRNfyo8BHSxUj9Q1; path=/; secure; HttpOnly
x-frame-options
SAMEORIGIN
arr-disable-session-affinity
true
date
Mon, 16 Mar 2020 16:10:25 GMT
/
www.placesleisure.org/bundles/styles/global/ 		59 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.placesleisure.org/bundles/styles/global/?v=RRImIvYIrXysQDXVu8KfIr6oLz8B8zJBFlMOjFbj7ck1
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.63.53.239 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30503d21ec924795995a1cc40fdbab262f91c57c9a3c5df275bf359aac9a8b4e

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 16 Mar 2020 16:10:25 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 16:10:26 GMT
cache-control
public
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
status
200
arr-disable-session-affinity
true
content-length
16132
expires
Tue, 16 Mar 2021 16:10:26 GMT
gtm.js
www.googletagmanager.com/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5V4P7PX
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d73095a9a38873debc442cc4eb04d282fae241a5ee3eb970686a13f9284654f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 16:10:26 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29435
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Mar 2020 16:10:26 GMT
/
www.placesleisure.org/bundles/scripts/global/ 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.placesleisure.org/bundles/scripts/global/?v=HdKI1V6TI68BrWaeG6ZK8wlb3GmmVd52ZffbedjuDEs1
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.63.53.239 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f1010cb0210499e2ee4bda073d1a501a1990da193fc3d3293496fdeff0f31ac

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 16:10:25 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 16:10:26 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
arr-disable-session-affinity
true
cache-control
public
expires
Tue, 16 Mar 2021 16:10:26 GMT
icon-sprite.svg
www.placesleisure.org/img/ 		21 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.placesleisure.org/img/icon-sprite.svg
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.63.53.239 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3fef427e881e6939f900f50a25b6bbdfdae2479861a6be69500581d30436524f

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 16:10:25 GMT
content-encoding
gzip
last-modified
Wed, 20 Nov 2019 12:16:34 GMT
etag
"0bd58599c9fd51:0"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
arr-disable-session-affinity
true
accept-ranges
bytes
content-length
7734
hotjar-1036293.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1036293.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5V4P7PX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.39 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
fdf196c95bed27e0666b7790f5debdae6fc3304336b8d97b92a9dd623b438c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 16:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
92
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1854
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/d0189d6bf06f1049241c0e3c89510504
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.080
accept-ranges
bytes
section-io-id
7965c96b9caa5b9ac301b6dea0d06ab8
section-origin-responded
true
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5V4P7PX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5511
date
Mon, 16 Mar 2020 14:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 16 Mar 2020 16:38:35 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
mv8SuDxdfHgxFU4xdFeQeHt/4SOwaar0b0a2nT9JM+RbL0tkNEJrDiaY8Wh9RGyesVJwo63dg54cXGNXRHU2ZQ==
x-fb-trip-id
1850256238
date
Mon, 16 Mar 2020 16:10:26 GMT, Mon, 16 Mar 2020 16:10:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
8f5f15c28141e518043b71d4fb2212b5aef9c63d.jpg
pfpl-new-cdn.azureedge.net/8/f/5/f/1/5/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pfpl-new-cdn.azureedge.net/8/f/5/f/1/5/8f5f15c28141e518043b71d4fb2212b5aef9c63d.jpg
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF6) /
Resource Hash
99648b3426d3d43246e356bc2b3cf9c26f28ef1089e701104f36f032749b4d65

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 16 Mar 2020 16:10:26 GMT
content-encoding
gzip
content-md5
n/Jfa5GgyVR5LJziDiL9AA==
age
357763
x-cache
HIT
status
200
content-length
58265
x-ms-lease-status
unlocked
last-modified
Tue, 10 Mar 2020 21:05:40 GMT
server
ECAcc (frc/8FF6)
etag
0x8D7C536C9E80999
vary
Accept-Encoding
x-ms-meta-imageprocessedby
ImageProcessor.Web/4.11.0.152
content-type
image/jpeg
x-ms-request-id
087fd69a-701e-002c-386c-f8a1d1000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
expires
Thu, 26 Mar 2020 16:10:26 GMT
PFDinTextStd-Reg.otf
www.placesleisure.org/bundles/styles/fonts/ 		110 KB
111 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.placesleisure.org/bundles/styles/fonts/PFDinTextStd-Reg.otf
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.63.53.239 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b79f11a40eeb6a4851f6a0a21f81f387e16d76e1d69c998bc14553c901cfd57c

Request headers

Referer
https://www.placesleisure.org/bundles/styles/global/?v=RRImIvYIrXysQDXVu8KfIr6oLz8B8zJBFlMOjFbj7ck1
Origin
https://www.placesleisure.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Mar 2020 16:10:26 GMT
last-modified
Wed, 20 Nov 2019 12:16:31 GMT
etag
"b55919589c9fd51:0"
content-type
font/otf
status
200
arr-disable-session-affinity
true
accept-ranges
bytes
content-length
112944
Sailec-Medium.otf
www.placesleisure.org/bundles/styles/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.placesleisure.org/bundles/styles/fonts/Sailec-Medium.otf
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.63.53.239 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c4bd1a283b03a49f7e8336521cfb7161135167419c6f30a901083d78f93a2d8

Request headers

Referer
https://www.placesleisure.org/bundles/styles/global/?v=RRImIvYIrXysQDXVu8KfIr6oLz8B8zJBFlMOjFbj7ck1
Origin
https://www.placesleisure.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Mar 2020 16:10:26 GMT
last-modified
Wed, 20 Nov 2019 12:16:32 GMT
etag
"51a527589c9fd51:0"
content-type
font/otf
status
200
arr-disable-session-affinity
true
accept-ranges
bytes
content-length
41764
PFDinTextStd-Medium.otf
www.placesleisure.org/bundles/styles/fonts/ 		115 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.placesleisure.org/bundles/styles/fonts/PFDinTextStd-Medium.otf
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.63.53.239 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
924ce52a2d235075810b1493aed1674fd69a018b294c9708dbcae73298d3a3bd

Request headers

Referer
https://www.placesleisure.org/bundles/styles/global/?v=RRImIvYIrXysQDXVu8KfIr6oLz8B8zJBFlMOjFbj7ck1
Origin
https://www.placesleisure.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Mar 2020 16:10:26 GMT
last-modified
Wed, 20 Nov 2019 12:16:31 GMT
etag
"129214589c9fd51:0"
content-type
font/otf
status
200
arr-disable-session-affinity
true
accept-ranges
bytes
content-length
118076
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1786611746&t=pageview&_s=1&dl=https%3A%2F%2Fwww.placesleisure.org%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%93%20Places%20Leisure&sd=24-bit&sr=16...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_gid=151193161.1584375026&gjid=28326809&_v=j81&z=47298939
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_v=j81&z=47298939
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_v=j81&z=47298939&slf_rd=1&random=3404960924
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_v=j81&z=47298939&slf_rd=1&random=3404960924
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Mar 2020 16:10:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Mar 2020 16:10:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17525365-1&cid=1927206208.1584375026&jid=666456469&_v=j81&z=47298939&slf_rd=1&random=3404960924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2563610033655491
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2563610033655491?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
acb2fad8905b685f2a8156f01be9e74053214d4797d3c1fcbb7a9903f1cc8731
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
IvU7J4tYmskLBNCO2AfSTPU/pQn9jp+nZ+rC3nX5J1lMG9i7uPQtqId85t7XFB65GFIvwAZFAMTdL+38QMg+PA==
x-fb-trip-id
1850256238
date
Mon, 16 Mar 2020 16:10:26 GMT, Mon, 16 Mar 2020 16:10:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.4fb2c8f41d571985b5a1.js
script.hotjar.com/ 		405 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4fb2c8f41d571985b5a1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1036293.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress16
Software
/
Resource Hash
01af78bf1a2fe98efcb2c8a4cf8c318607867799c005468e654bd104013c354b

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 16:10:24 GMT
content-encoding
br
content-type
application/javascript
age
274178
status
200
section-io-cache
Hit
content-length
74844
last-modified
Fri, 13 Mar 2020 11:57:43 GMT
etag
"d94a3a6748d1d63f2aea4fb25536c3ea"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
accept-ranges
bytes
section-io-id
196a099018cbd2e8b1cdacce84b56b05
section-origin-responded
true
2378157139065590
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2378157139065590?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84c9c370996037fd9ddece4af7027af1c0567138225224813074a1e7773ab993
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
3MJuilFVYiO3Vyki5CDrwx1LfiwtljTpivyDUW/zUFpIDjtzIxpTTDw8Pw4gY8Cq53l+j/ztf8RkcX2T5GMeEQ==
x-fb-trip-id
1850256238
date
Mon, 16 Mar 2020 16:10:26 GMT, Mon, 16 Mar 2020 16:10:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2563610033655491&ev=PageView&dl=https%3A%2F%2Fwww.placesleisure.org%2F&rl=&if=false&ts=1584375026581&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1584375026581.611138843&it=1584375026493&coo=false&rqm=GET
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 16:10:26 GMT, Mon, 16 Mar 2020 16:10:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Mar 2020 16:10:26 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4B84 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1036293.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress12
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.placesleisure.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.placesleisure.org/

Response headers

status
200
date
Mon, 16 Mar 2020 16:10:27 GMT
content-type
text/html
content-length
851
last-modified
Wed, 29 Jan 2020 12:33:12 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.025
section-origin-responded
true
age
4073648
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
92fc78acc2dfabda423f7ecefcfd1d35
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2378157139065590&ev=PageView&dl=https%3A%2F%2Fwww.placesleisure.org%2F&rl=&if=false&ts=1584375026681&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1584375026581.611138843&it=1584375026493&coo=false&rqm=GET
Requested by
Host: www.placesleisure.org
URL: https://www.placesleisure.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 16:10:26 GMT, Mon, 16 Mar 2020 16:10:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Mar 2020 16:10:26 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1786611746&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.placesleisure.org%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%93%20Places%20Leisure&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=scroll_depth&ea=scroll&el=25&_u=aEDAAEAB~&jid=&gjid=&cid=1927206208.1584375026&tid=UA-17525365-1&_gid=151193161.1584375026&gtm=2wg3405V4P7PX&z=727420606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 23 Jan 2020 19:32:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4567057
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1786611746&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.placesleisure.org%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%93%20Places%20Leisure&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=scroll_depth&ea=scroll&el=50&_u=aEDAAEAB~&jid=&gjid=&cid=1927206208.1584375026&tid=UA-17525365-1&_gid=151193161.1584375026&gtm=2wg3405V4P7PX&z=20049344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 23 Jan 2020 19:32:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4567057
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2563610033655491&ev=Microdata&dl=https%3A%2F%2Fwww.placesleisure.org%2F&rl=&if=false&ts=1584375028151&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%E2%80%93%20Places%20Leisure%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1584375028150.1826488251&it=1584375026493&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 16:10:28 GMT, Mon, 16 Mar 2020 16:10:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Mar 2020 16:10:28 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2378157139065590&ev=Microdata&dl=https%3A%2F%2Fwww.placesleisure.org%2F&rl=&if=false&ts=1584375028183&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%E2%80%93%20Places%20Leisure%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1584375028150.1826488251&it=1584375026493&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.placesleisure.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 16:10:28 GMT, Mon, 16 Mar 2020 16:10:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 16 Mar 2020 16:10:28 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| FormValidator function| svg4everybody function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 2378157139065590.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
pfpl-new-cdn.azureedge.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.placesleisure.org
147.75.100.69
147.75.32.99
147.75.84.39
168.63.53.239
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:809::2004
2a00:1450:4001:817::2008
2a00:1450:4001:818::200e
2a00:1450:4001:820::2003
2a00:1450:400c:c0c::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
01af78bf1a2fe98efcb2c8a4cf8c318607867799c005468e654bd104013c354b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c4bd1a283b03a49f7e8336521cfb7161135167419c6f30a901083d78f93a2d8
30503d21ec924795995a1cc40fdbab262f91c57c9a3c5df275bf359aac9a8b4e
3fef427e881e6939f900f50a25b6bbdfdae2479861a6be69500581d30436524f
452edef076746fa9728ecf245547ac71e096e3420b7f1f7c6daf881d4d1bf740
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6d73095a9a38873debc442cc4eb04d282fae241a5ee3eb970686a13f9284654f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c9c370996037fd9ddece4af7027af1c0567138225224813074a1e7773ab993
924ce52a2d235075810b1493aed1674fd69a018b294c9708dbcae73298d3a3bd
99648b3426d3d43246e356bc2b3cf9c26f28ef1089e701104f36f032749b4d65
9f1010cb0210499e2ee4bda073d1a501a1990da193fc3d3293496fdeff0f31ac
acb2fad8905b685f2a8156f01be9e74053214d4797d3c1fcbb7a9903f1cc8731
b79f11a40eeb6a4851f6a0a21f81f387e16d76e1d69c998bc14553c901cfd57c
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdf196c95bed27e0666b7790f5debdae6fc3304336b8d97b92a9dd623b438c65