greenskymotions.net Open in urlscan Pro
185.177.94.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.headsuplaunceston.com/
Effective URL:
https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16
Submission: On November 15 via manual (November 15th 2022, 4:10:38 pm UTC) from PH — Scanned from DE

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 23 domains to perform 78 HTTP transactions. The main IP is 185.177.94.152, located in Amsterdam, Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is greenskymotions.net. The Cisco Umbrella rank of the primary domain is 706471.
TLS certificate: Issued by R3 on November 14th 2022. Valid for: 3 months.

This is the only time greenskymotions.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	162.241.219.89 162.241.219.89	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2606:4700:20:... 2606:4700:20::681a:9df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 4	91.211.91.114 91.211.91.114	206638 (HOSTFORY) (HOSTFORY)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	91.211.91.104 91.211.91.104	206638 (HOSTFORY) (HOSTFORY)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
1	185.177.94.152 185.177.94.152	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
78	27

20 162.241.219.89 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5630.bluehost.com

www.headsuplaunceston.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9df (United States)

ASN13335 (CLOUDFLARENET, US)

pxgcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.211.91.114 (Ukraine) 2 redirects

ASN206638 (HOSTFORY, UA)

main.weatherplllatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.weatherplllatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.211.91.104 (Ukraine)

ASN206638 (HOSTFORY, UA)

away.cdnbestplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.76.200.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.152 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-152.ah-server.com

greenskymotions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	headsuplaunceston.com www.headsuplaunceston.com	1011 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	41 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	369 KB
6	google.com 1 redirects maps.google.com — Cisco Umbrella Rank: 1975 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	54 KB
4	gstatic.com fonts.gstatic.com	47 KB
4	weatherplllatform.com 2 redirects main.weatherplllatform.com go.weatherplllatform.com	2 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	27 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8709 www.google.de — Cisco Umbrella Rank: 5922	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 662	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1487	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 maps.googleapis.com — Cisco Umbrella Rank: 364	2 KB
2	pxgcdn.com pxgcdn.com — Cisco Umbrella Rank: 123549	20 KB
1	greenskymotions.net greenskymotions.net — Cisco Umbrella Rank: 706471 Failed 0.greenskymotions.net Failed	18 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1472	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 307	461 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 929	356 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	98 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	48 KB
1	cdnbestplatform.com away.cdnbestplatform.com — Cisco Umbrella Rank: 409716	552 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	704 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	43 KB
78	23

	Domain	Requested by
20	www.headsuplaunceston.com	www.headsuplaunceston.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	tpc.googlesyndication.com	googleads.g.doubleclick.net
5	pagead2.googlesyndication.com	www.headsuplaunceston.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	www.headsuplaunceston.com
3	go.weatherplllatform.com	2 redirects main.weatherplllatform.com go.weatherplllatform.com
3	www.google.com	1 redirects www.headsuplaunceston.com googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pxgcdn.com	www.headsuplaunceston.com pxgcdn.com
1	greenskymotions.net	away.cdnbestplatform.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	away.cdnbestplatform.com	go.weatherplllatform.com
1	maps.googleapis.com	maps.google.com
1	www.google.de	www.headsuplaunceston.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	maps.google.com	www.headsuplaunceston.com
1	main.weatherplllatform.com	www.headsuplaunceston.com
1	www.googletagmanager.com	www.headsuplaunceston.com
1	fonts.googleapis.com	www.headsuplaunceston.com
0	0.greenskymotions.net Failed	www.headsuplaunceston.com
78	32

This site contains no links.

Subject Issuer	Validity	Valid
webmail.headsuplaunceston.com R3	`2022-10-20` - `2023-01-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
main.weatherplllatform.com R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
go.weatherplllatform.com R3	`2022-09-25` - `2022-12-24`	3 months	crt.sh
away.cdnbestplatform.com R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
greenskymotions.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh

This page contains 7 frames:

Frame: https://0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16
Frame ID: 6A3D90D82585E358580A63955D8AC5D4
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: C2358D69332865A82954F67F75F7F546
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&adk=1812271804&adf=3025194257&lmt=1668528634&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528633907&bpp=4&bdt=1060&idt=270&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2343935915971&frm=20&pv=2&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=302
Frame ID: D998CBB897EF546E0E35E98206E8A6C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
Frame ID: 48F218F8473CE9DD8BC64323FE1AF238
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 78BFFF5E06B87CAA1FF804D7778E9BA0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FE02A9E35FEED563A61A30500D6DE4B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: CCD24C0EE37E8453637DAC8E00AC1B49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Überprüfen Ihren Browser

Page URL History Show full URLs

https://www.headsuplaunceston.com/ Page URL
https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= HTTP 302
https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 HTTP 302
https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11 Page URL
https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

91 %
HTTPS

62 %
IPv6

23
Domains

32
Subdomains

27
IPs

6
Countries

1705 kB
Transfer

3584 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.headsuplaunceston.com/ Page URL
https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= HTTP 302
https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 HTTP 302
https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11 Page URL
https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY= HTTP 302
https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29 HTTP 302
https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11

Request Chain 66

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZZXXMeitaGh2xYGeCUo6H1fDAYXgqbRR3DPKOaDDkpmG8BIIMr7j_hep5X4LXBPsi_9q69C3pxZGg5iqKbXvoI51YDxU6Q&google_gid=CAESEGPPEBLEnXk81w2KpY1BUwY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZZXXMeitaGh2xYGeCUo6H1fDAYXgqbRR3DPKOaDDkpmG8BIIMr7j_hep5X4LXBPsi_9q69C3pxZGg5iqKbXvoI51YDxU6Q&google_gid=CAESEGPPEBLEnXk81w2KpY1BUwY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUxNjEwMzYwMDAxMzM5MzY1Nzc5MQ%3D%3D&google_push=ASkJ3FZZXXMeitaGh2xYGeCUo6H1fDAYXgqbRR3DPKOaDDkpmG8BIIMr7j_hep5X4LXBPsi_9q69C3pxZGg5iqKbXvoI51YDxU6Q

Request Chain 69

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIXFDPkWLijfJZ7iERAK2co&google_cver=1&google_push=ASkJ3FZCCbGquZPZ5Hbu8dG3Ot2DvXcvRZ13OHgOMjESer7vCZr4CnXVW-5-a1LfT_x9V9bFiqJAcG4e9GhXCVflF1bShNilQmE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIXFDPkWLijfJZ7iERAK2co&google_cver=1&google_push=ASkJ3FZCCbGquZPZ5Hbu8dG3Ot2DvXcvRZ13OHgOMjESer7vCZr4CnXVW-5-a1LfT_x9V9bFiqJAcG4e9GhXCVflF1bShNilQmE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ws8_tAEuRhWgyw2rNLf4DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZCCbGquZPZ5Hbu8dG3Ot2DvXcvRZ13OHgOMjESer7vCZr4CnXVW-5-a1LfT_x9V9bFiqJAcG4e9GhXCVflF1bShNilQmE

Request Chain 70

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOo1aMjL9txpye7naD4NJug&google_cver=1&google_push=ASkJ3FbymF5sdy5V3SohMZspIZE4-elm15KQHJtqhpn-aPHo6hc7RPup_SX7tmWHTAuD1i4ElXRpfYbu5uzYRTDVYx8uee3JFt05 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRVZCRlotMTQtOVVFOA==&google_push=ASkJ3FbymF5sdy5V3SohMZspIZE4-elm15KQHJtqhpn-aPHo6hc7RPup_SX7tmWHTAuD1i4ElXRpfYbu5uzYRTDVYx8uee3JFt05

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.headsuplaunceston.com/ 224 KB
78 KB 4502ms
3965ms Document
text/html 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 58b806f2587e111d360ab05b495cd7d92729da336f15a811a5ba83a2780004c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 16:10:28 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
server: Apache
vary: Accept-Encoding

GET
H2 200 stylesheet.css
pxgcdn.com/fonts/league-spartan/ 249 B
732 B 108ms
47ms Stylesheet
text/css 2606:4700:20::681a:9df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pxgcdn.com/fonts/league-spartan/stylesheet.css
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50c664149e71bc6bb22e1a950faeba73cbe20676d338b203450a2665e3b64a1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7220817
pragma: public
last-modified: Mon, 15 Jun 2020 11:26:48 GMT
server: cloudflare
etag: W/"5ee75af8-f9"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0%2FZoUubrC01%2Ba6W2JieIa%2FpM4x5sO%2FEEeU0UfcJUO1Rlk3%2BuCcgU1fj4cgcK%2BXKPyM3gfd9A0qYyyVeJhhOzmvlkpySBlIIo2ligaCOH56v5hIW%2B3be7V81gjKsjebQsM4K%2FcECQEo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 76a941f3ba47699b-FRA
access-control-allow-headers: *
expires: Wed, 12 Oct 2022 06:03:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 173ms
64ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11a2dda2fbca969359a1f46ac3f0b4b5dd58c426957041d01afc57dcb885dbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 16:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 16:10:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 16:10:32 GMT

GET
H2 200 7u2y0.css
www.headsuplaunceston.com/wp-content/cache/wpfc-minified/qh9400uw/ 87 KB
16 KB 432ms
429ms Stylesheet
text/css 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/cache/wpfc-minified/qh9400uw/7u2y0.css
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 595c8179e94fddabd1598615229afa5ef273638874474dace749f2a9971074b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 21:40:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16541
expires: max-age=A10368000, public

GET
H2 200 7mvic.css
www.headsuplaunceston.com/wp-content/cache/wpfc-minified/d67u7381/ 182 B
283 B 307ms
305ms Stylesheet
text/css 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/cache/wpfc-minified/d67u7381/7mvic.css
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 69dd7e44643848d2ed6b9305ddc0a6246c22c397b5ac20d4101b6a558f4e35bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Mon, 14 Nov 2022 05:19:50 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 158
expires: max-age=A10368000, public

GET
H2 200 7u2y0.css
www.headsuplaunceston.com/wp-content/cache/wpfc-minified/9kuli8t0/ 138 KB
31 KB 433ms
431ms Stylesheet
text/css 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/cache/wpfc-minified/9kuli8t0/7u2y0.css
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: e90a8a0eb68da243e4982db067b61c2bbbbcd0832c393784669498175cbe6ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 21:40:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: max-age=A10368000, public

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 40ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 430376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8LsAEF1Ni2P8xNUjVIDanB5r8Ro5zydflOYjGirbVUSaJOhK9wpEQzUPNOj%2BP8KXCevzwO7vl57Zb7Q9F5tI7kFU3O3TI4vTA96OxzVtur7bwjSt5pkAJgzlQjO4Wr1H%2FhW6Q5A0gK3UQbbWwL%2F13h9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a941f378b19090-FRA
expires: Sun, 05 Nov 2023 16:10:32 GMT

GET
H2 200 7u2y0.css
www.headsuplaunceston.com/wp-content/cache/wpfc-minified/g1j289ao/ 432 KB
103 KB 434ms
432ms Stylesheet
text/css 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/cache/wpfc-minified/g1j289ao/7u2y0.css
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 101ec714713d5dfd72dcc0a3fd034b10eecc969af1f9dd4c5cded1850617ea8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 21:40:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: max-age=A10368000, public

GET
H2 200 7u2y0.js Show response
www.headsuplaunceston.com/wp-content/cache/wpfc-minified/3385mulx/ 99 KB
43 KB 433ms
431ms Script
application/javascript 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/cache/wpfc-minified/3385mulx/7u2y0.js
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: aae07dd164641d37bdc8eab830e000cb8a51eb8b976c9b4250e3ab0ddd1a4252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 21:40:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: max-age=A10368000, public

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/ 27 KB
9 KB 42ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/TweenLite.min.js?ver=6.1

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ff1b3821afd681d5c405d980a27e80997c0f1bca41ab01bb23533d75606df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14407466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8700
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-6a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqKMECjxRhAU72v07Z7hq30R8%2Bhb0X8CAHEpXSZyIbQqLZtOuR7xGbKrPBDrR9IrTPCc88%2BfV5hBL03H7ChB1ibZzMkyX16EwbjE97tP%2FEKyn6ikJ9abl8hRFuen0XfBiqMWE0a%2BjfZatPIUGTldA%2FdR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a941f378b29090-FRA
expires: Sun, 05 Nov 2023 16:10:32 GMT

GET
H2 200 ScrollToPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ 2 KB
1 KB 44ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ScrollToPlugin.min.js?ver=6.1

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 342230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 934
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1eSNdtQ%2BTb%2BeHyOnMDAnnURMtkLhQ4AR8pnLoLQcKP6TXwPASxF4PMll9Go6SEQwiQt9ojAVZcPziILLF9oESrMvBk0G7Zek2xvoPW8%2Fndg7FlFybbAXGNm4oss9v9d%2F72YQ1Owpvqbmd%2BpWTbvoPs1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a941f378b39090-FRA
expires: Sun, 05 Nov 2023 16:10:32 GMT

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ 40 KB
14 KB 37ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/CSSPlugin.min.js?ver=6.1

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5cc45eb6a71ddfc1e8c5f7a20b48120cfceded9a987af10113699cc8cc0aa8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5866531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14131
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9e97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tS6B62%2BFvVrVIxqeWaOyv6tT79riEqaCUOEXtARaKOpFuVsQGLsp6WHY%2FHUmkCnRhjPchRz9wIYOAGkOefIvGqGAWL5mBNJ79Pm%2B7%2Bueq4iAZOLQIvAtiOZbqjoF%2F%2BlYof9JtJks%2FhGRrFaaJQl3lQwI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76a941f378b69090-FRA
expires: Sun, 05 Nov 2023 16:10:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 258ms
67ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54310597-1

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fca0297a31866c0358aba5efc475901ca4da77f91d44a13653f77d3edfe4bccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43725
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Nov 2022 16:10:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 346ms
156ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9982481797161433

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f24f511fea7bfb7117fbf24d8ee9135385be9a52633490feaa6f0a4426f82c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headsuplaunceston.com/
Origin: https://www.headsuplaunceston.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54972
x-xss-protection: 0
server: cafe
etag: 11206035951790551642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 16:10:33 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.headsuplaunceston.com/wp-includes/js/ 18 KB
5 KB 157ms
156ms Script
application/javascript 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 08:47:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5321
expires: max-age=A10368000, public

GET
H2 200 cropped-GoDaddyStudioPage-0-33-e1664968544706.png
www.headsuplaunceston.com/wp-content/uploads/2022/10/ 71 KB
72 KB 153ms
152ms Image
image/png 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2022/10/cropped-GoDaddyStudioPage-0-33-e1664968544706.png
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 73f81698cf7954a3706833c84dbb9f94909f48b290fff5b263b3e95aed343e45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
last-modified: Wed, 05 Oct 2022 11:15:44 GMT
server: Apache
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 72659
expires: max-age=A10368000, public

GET
H2 200 webcdn.js Show response
main.weatherplllatform.com/ 3 KB
1 KB 1124ms
159ms Script
application/javascript 91.211.91.114
HOSTFORY

General

Check archive.org

Show headers Download Go to

Full URL

https://main.weatherplllatform.com/webcdn.js?v=5.3.5

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),

Reverse DNS

Software

nginx /

Resource Hash

97ace9f2b3e1ab15b911363a273a2b807d10089c39603e1327616d36535ed8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 16:08:04 GMT
server: nginx
etag: W/"63517264-d0c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 343ms
153ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

416f8b6ef6161d9470d02a0e239a63e94b490a46c5d1404bff6c516553b4cb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54994
x-xss-protection: 0
server: cafe
etag: 16180832822970072767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 16:10:33 GMT

GET
H2 200 jquery.scrollUp.min.js Show response
www.headsuplaunceston.com/wp-content/plugins/smooth-scroll-up/js/ 2 KB
1 KB 170ms
170ms Script
application/javascript 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/plugins/smooth-scroll-up/js/jquery.scrollUp.min.js?ver=6.1
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: ad07769358e416660ab17cc9b37f55a2c7ef68ae65fd1b710eb9e57973daff16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 02:37:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 988
expires: max-age=A10368000, public

GET
H2 200 js Show response
maps.google.com/maps/api/ 160 KB
53 KB 335ms
143ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?v=3.exp&key=AIzaSyDpXzw3nOjPX3OCA5Ufr603SxdOI40BGRU

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e4bbaab31cde20d4aadff1f89a67335e4910b0b44e43edcb1109fedb9e91fac2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53765
x-xss-protection: 0
expires: Tue, 15 Nov 2022 16:40:33 GMT

GET
H2 200 chosen.jquery.min.js Show response
www.headsuplaunceston.com/wp-content/plugins/wp-job-manager/assets/lib/jquery-chosen/ 27 KB
9 KB 160ms
158ms Script
application/javascript 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/plugins/wp-job-manager/assets/lib/jquery-chosen/chosen.jquery.min.js?ver=1.1.0
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 7662ec8d21c24b77d07b280c79033b8f939f16a338d6a48e2e7436e9e0dc004a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 07:25:18 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8604
expires: max-age=A10368000, public

GET
H2 200 main.min.js Show response
www.headsuplaunceston.com/wp-content/themes/listable/assets/js/ 166 KB
63 KB 172ms
170ms Script
application/javascript 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/themes/listable/assets/js/main.min.js?ver=1.15.6
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 6925e69bf8aa5fae24b9117272bc36d6ea4ee13452fbbe5573c64e69d3608ad2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 03:32:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: max-age=A10368000, public

GET
H2 200 sassy-social-share-public.js Show response
www.headsuplaunceston.com/wp-content/plugins/sassy-social-share/public/js/ 117 KB
52 KB 169ms
167ms Script
application/javascript 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.headsuplaunceston.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.43
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 79066a1d9ef05bd56eed607049321dfdd5ba5587541268b06616dbd09b1f1549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Sun, 23 Oct 2022 11:56:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: max-age=A10368000, public

GET
H2 200 mudbar-seaport.jpg
www.headsuplaunceston.com/wp-content/uploads/2015/12/ 65 KB
65 KB 151ms
151ms Image
image/jpeg 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2015/12/mudbar-seaport.jpg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: f10beee1e3723ab168e63b64b406cc0fa16718449df548ce12d0fb1517ae0a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
last-modified: Fri, 21 Dec 2018 06:45:33 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 66086
expires: max-age=A10368000, public

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 228ms
53ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.headsuplaunceston.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 601399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 17:07:14 GMT

GET
H2 200 arrow-curved.svg
www.headsuplaunceston.com/wp-content/themes/listable/assets/svg/ 1 KB
709 B 152ms
150ms Image
image/svg+xml 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/themes/listable/assets/svg/arrow-curved.svg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/wp-content/cache/wpfc-minified/g1j289ao/7u2y0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 9e297fabbad29de04fa4815c745fd37be29867f1bf540d96adad3e18ff213938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/wp-content/cache/wpfc-minified/g1j289ao/7u2y0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 03:32:08 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 662
expires: max-age=A10368000, public

GET
H2 200 leaguespartan-bold-webfont.woff2
pxgcdn.com/fonts/league-spartan/ 19 KB
20 KB 188ms
161ms Font
application/font-woff2 2606:4700:20::681a:9df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pxgcdn.com/fonts/league-spartan/leaguespartan-bold-webfont.woff2
Requested by: Host: pxgcdn.com
URL: https://pxgcdn.com/fonts/league-spartan/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3141b534a85ac2a6699ab0cb05163180e28b41a53c7bffdf410adf830f67308

Request headers

Referer: https://pxgcdn.com/fonts/league-spartan/stylesheet.css
Origin: https://www.headsuplaunceston.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 19512
pragma: public
last-modified: Tue, 24 Sep 2019 13:55:34 GMT
server: cloudflare
etag: "5d8a2056-4c38"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZCaEE5Q0jmDF6YdSmYbnuFZObqbZVAnq2Q4P%2B9LHqiV41j%2BArerd2lGL2VCvgGWyZ%2B1eCh%2FisjwX%2Bn8h2nhJoVXemyEbDHBLnNy3DsZ6N3iu0pDOv8ee8TgmZr1hzXG22dyAO%2BFdwg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 76a941f78e238ff8-FRA
access-control-allow-headers: *
expires: Tue, 14 Nov 2023 05:11:29 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 275ms
106ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.headsuplaunceston.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:09:49 GMT
x-content-type-options: nosniff
age: 61244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:09:49 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 278ms
110ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.headsuplaunceston.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 506740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:24:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 182ms
51ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54310597-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 15:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2744
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 15 Nov 2022 17:24:49 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 132ms
131ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9982481797161433&plah=www.headsuplaunceston.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9982481797161433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c9ecfdea408321a7f5dcad4dfd4df6affcd077826566568cdd78a8a673cde15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 7743882904405439809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 16:10:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame C235 10 KB
5 KB 231ms
51ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9982481797161433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headsuplaunceston.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:22:22 GMT
etag: 10353107486223812946
expires: Tue, 29 Nov 2022 14:22:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 165ms
58ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1810714727&t=pageview&_s=1&dl=https%3A%2F%2Fwww.headsuplaunceston.com%2F&ul=en-us&de=UTF-8&dt=LAUNCESTON%20DINING%20%7C%20CAF%C3%89S%20%7C%20PUBS%20%C2%BB%20Heads%20Up%20Food%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1348447031&gjid=1800014753&cid=1948568915.1668528634&tid=UA-54310597-1&_gid=738601396.1668528634&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=1980304652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.headsuplaunceston.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.headsuplaunceston.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 409 B
704 B 177ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.headsuplaunceston.com&callback=_gfp_s_&client=ca-pub-9982481797161433&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9982481797161433&plah=www.headsuplaunceston.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cdeec85bb6f59d4d8270da3fa44567649a6334042ec4df887f3dd01e744423a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 191ms
60ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.headsuplaunceston.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 174ms
58ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.headsuplaunceston.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D998 0
19 B 275ms
170ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&adk=1812271804&adf=3025194257&lmt=1668528634&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528633907&bpp=4&bdt=1060&idt=270&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2343935915971&frm=20&pv=2&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=302

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headsuplaunceston.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 16:10:34 GMT
expires: Tue, 15 Nov 2022 16:10:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54310597-1&cid=1948568915.1668528634&jid=1348447031&gjid=1800014753&_gid=738601396.1668528634&_u=YGBACUAABAAAACAAI~&z=501241678

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.headsuplaunceston.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Nov 2022 16:10:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.headsuplaunceston.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 171ms
63ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54310597-1&cid=1948568915.1668528634&jid=1348447031&_u=YGBACUAABAAAACAAI~&z=753567156

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 272ms
168ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54310597-1&cid=1948568915.1668528634&jid=1348447031&_u=YGBACUAABAAAACAAI~&z=753567156

Requested by

Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 follow.js
go.weatherplllatform.com/fly/ 172 B
300 B 1432ms
384ms Script
text/html 91.211.91.114
HOSTFORY

General

Check archive.org

Show headers Download Go to

Full URL

https://go.weatherplllatform.com/fly/follow.js?v=3.7.3

Requested by

Host: main.weatherplllatform.com
URL: https://main.weatherplllatform.com/webcdn.js?v=5.3.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),

Reverse DNS

Software

nginx / PHP/7.3.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:35 GMT
strict-transport-security: max-age=15768000;
server: nginx
x-powered-by: PHP/7.3.33
content-length: 172
content-type: text/html; charset=UTF-8

GET
H2 200 nelson-family-450x338.jpg
www.headsuplaunceston.com/wp-content/uploads/2022/10/ 53 KB
54 KB 188ms
187ms Image
image/jpeg 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2022/10/nelson-family-450x338.jpg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 1762c96b20cd091471a8d1dacda1e5554faad2b4f41e4fd5ff2ff6cc5473f2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
last-modified: Sun, 09 Oct 2022 05:33:30 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 54551
expires: max-age=A10368000, public

GET
H2 200 COUNCILLOR-CANDIDATES-450x253.jpeg
www.headsuplaunceston.com/wp-content/uploads/2022/10/ 34 KB
34 KB 188ms
188ms Image
image/jpeg 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2022/10/COUNCILLOR-CANDIDATES-450x253.jpeg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 0357f182073b90a7a2bd3deb7a12c7a44c6008edd6c209cb07cfe78b4f7f02f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
last-modified: Tue, 04 Oct 2022 05:20:03 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 35008
expires: max-age=A10368000, public

GET
H2 200 fathers-day-2022-post-450x450.jpeg
www.headsuplaunceston.com/wp-content/uploads/2022/08/ 58 KB
58 KB 188ms
187ms Image
image/jpeg 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2022/08/fathers-day-2022-post-450x450.jpeg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: e33c47534e8d89a1e7fd65632a8be6111253fd10dd8cd32b9bdc8923fc74d05f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
last-modified: Wed, 31 Aug 2022 08:28:12 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 59018
expires: max-age=A10368000, public

GET
H2 200 firestorm-waiter-600x800.jpg
www.headsuplaunceston.com/wp-content/uploads/2021/08/ 88 KB
89 KB 186ms
185ms Image
image/jpeg 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2021/08/firestorm-waiter-600x800.jpg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 83f6846f52a3021d3126d173d451038dab32f5c9c087a3d73d5e78d488ab6a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
last-modified: Mon, 18 Jul 2022 14:33:30 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 90143
expires: max-age=A10368000, public

GET
H2 200 brook-eden-vineyard-table-600x800.jpeg
www.headsuplaunceston.com/wp-content/uploads/2015/12/ 90 KB
90 KB 186ms
186ms Image
image/jpeg 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2015/12/brook-eden-vineyard-table-600x800.jpeg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: 4db538412c8a50273cfaaaf3164bfc09000afcdc5f11545f009b9040ad6e2aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
last-modified: Mon, 18 Jul 2022 14:29:01 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 91972
expires: max-age=A10368000, public

GET
H2 200 the-ridge-north-lilydale-800x800.jpg
www.headsuplaunceston.com/wp-content/uploads/2021/02/ 147 KB
148 KB 186ms
186ms Image
image/jpeg 162.241.219.89
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.headsuplaunceston.com/wp-content/uploads/2021/02/the-ridge-north-lilydale-800x800.jpg
Requested by: Host: www.headsuplaunceston.com
URL: https://www.headsuplaunceston.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.219.89 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5630.bluehost.com
Software: Apache /
Resource Hash: ad8bdd245667e081de37a79cab7336139619c321645b6eb6a211605464137b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
last-modified: Sun, 14 Feb 2021 09:42:47 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 150870
expires: max-age=A10368000, public

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 166ms
58ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.headsuplaunceston.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 506690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:25:44 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 166ms
61ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.headsuplaunceston.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 165ms
60ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.headsuplaunceston.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 48F2 92 KB
34 KB 1428ms
1427ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headsuplaunceston.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 16:10:35 GMT
expires: Tue, 15 Nov 2022 16:10:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
457 B 185ms
70ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.exp&key=AIzaSyDpXzw3nOjPX3OCA5Ufr603SxdOI40BGRU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.headsuplaunceston.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.headsuplaunceston.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET fly.php
go.weatherplllatform.com/ 0
0

GET
H2

200

go.php
away.cdnbestplatform.com/
Redirect Chain

https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY=
https://go.weatherplllatform.com/track.php?tid=54889&lid=9554-66-457679-29
https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11

828 B
552 B

928ms
165ms

Document
text/html

91.211.91.104
HOSTFORY

General

Check archive.org

Show headers Download Go to

Full URL

https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11

Requested by

Host: go.weatherplllatform.com
URL: https://go.weatherplllatform.com/fly/follow.js?v=3.7.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.211.91.104 , Ukraine, ASN206638 (HOSTFORY, UA),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Referer: https://www.headsuplaunceston.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 409
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 16:10:37 GMT
server: nginx
strict-transport-security: max-age=15768000;
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 16:10:36 GMT
location: https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11
server: nginx
strict-transport-security: max-age=15768000;
x-powered-by: PHP/7.3.33

GET
H2 200 18284422129284599841
tpc.googlesyndication.com/simgad/ Frame 48F2 95 KB
95 KB 239ms
111ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18284422129284599841?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlryidx2Hmfj3Nc5FgL6uHknqh05Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:22:05 GMT
x-content-type-options: nosniff
age: 377311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97361
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 07:34:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Nov 2023 07:22:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 48F2 0
0 100ms
99ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2ICr-rlzY_7GKf6dvPIPkLKf6Au71YufbaaG7K29ENrZHhABILe2uiRgleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBIcCT9C7kk-r1yTlCMegCTzBKPF7OkjMLnehZwn8oX6Eau-yX5rzPU82XdH7z5enP2i9h-7CdGuTdgWm8aHA-IIukCvQPr7R-nBODynHnXdsBCqBgB30-UcZiVtOI88ebsA1x5vtppPVkH8r2bPIOQ_0gedro-eRTcCE7eVsVIB7ihL1b3XFJNsJBkb5jNz75Ey8GVazqbaUFh7mGbpeolLO8CKdS9K2WCvXBq6G8sz7XMPw5cBUd3QVxKm3_RQhLjn4KlTkuPZ0IXxql8fkN28O2QEojv8Wg9Ye2_7HMzoNCfDefpnsXhfSmUFCNZVSqFAQsOQv0N0HFgaXcfxyacko6fe2iKfBajjABIm3xbKiBJIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMb5LNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTk5ODI0ODE3OTcxNjE0MzMYAA&sigh=hm3Eqbg8TBU&uach_m=[UACH]&cid=CAQSPADq26N9VEPCS1nDpdU4ufQaCj2idkEx4Lw5EW-6KrPUY1ICEvZWop7Q82xN8woSUvjieRddyaAA3Fl7qxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Nov 2022 16:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 48F2 23 KB
10 KB 164ms
51ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:43:29 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 48F2 3 KB
1 KB 179ms
66ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:43:29 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 48F2 18 KB
7 KB 129ms
59ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:54:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 48F2 0
0 164ms
58ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTl_MlVdc667M9FZfBG_1dEDMSJWXNfrgS4EUfEFYs3hviyFuIlj-Ylom6GqL-0bXsavNOWs2xAx3vj3m7TezNfSgWu2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48F2 154 KB
48 KB 221ms
109ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 16:10:36 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 48F2 34 KB
13 KB 135ms
67ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 17:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 17:43:01 GMT

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame 78BF 143 B
166 B 52ms
51ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4FE0 1 KB
643 B 51ms
51ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Wed, 16 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 48F2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 4FE0 0
98 B 176ms
53ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FaAfpicA5CMmSZTIMfaHBjqe_tPzWemZ6Xz4qr6CjcFoHiGAZmBVbi6I_jMItMvNJkxazUj3RHSN_JHUKGi9ATBRcrytbrp&google_gid=CAESEGndiCCszPYJm0AzMMDd6h0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FE0
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZZXXMe...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZZXXMe...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUxNjEwMzYwMDAxMzM5MzY1Nzc5MQ%3D%3D&google_push=ASkJ3FZZXXMeitaGh2xYGeCUo6H1fDAYXgqbRR3DPKOaDDkpmG8BIIMr7j_hep5X4LXBPs...

170 B
188 B

170ms
63ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUxNjEwMzYwMDAxMzM5MzY1Nzc5MQ%3D%3D&google_push=ASkJ3FZZXXMeitaGh2xYGeCUo6H1fDAYXgqbRR3DPKOaDDkpmG8BIIMr7j_hep5X4LXBPsi_9q69C3pxZGg5iqKbXvoI51YDxU6Q

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUxNjEwMzYwMDAxMzM5MzY1Nzc5MQ%3D%3D&google_push=ASkJ3FZZXXMeitaGh2xYGeCUo6H1fDAYXgqbRR3DPKOaDDkpmG8BIIMr7j_hep5X4LXBPsi_9q69C3pxZGg5iqKbXvoI51YDxU6Q
pragma: no-cache
date: Tue, 15 Nov 2022 16:10:36 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 15 Nov 2022 16:10:36 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4FE0 43 B
356 B 177ms
55ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOi4RxVyVIwJ0Q3V7aQNEvI&google_push=ASkJ3FY52g1pzQNoPCu_Q3E57PACRoVYqvi1XRRsi4GqAyjHK9pA9tQwhZUbnA0F6cJKrbP7hHCCh2fZzuSgQoFn_HJC9u_RFok&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:36 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4FE0 43 B
351 B 186ms
56ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH3K0RNflgZFvZt4zCdA_jE&google_cver=1&google_push=ASkJ3FbGTebhkfxgjCoo7vdxUbcIR3T_OAqn7f3yp7HIG0w4HLbQE0z0avPJ20XGBokRQZkIiwptDSHTpYhWZbzvlZw6OpHRH8k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:36 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ef03hhp9fetl744cqqd8v3v7uhorfnv0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4FE0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ws8_tAEuRhWgyw2rNLf4DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

119ms
61ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ws8_tAEuRhWgyw2rNLf4DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZCCbGquZPZ5Hbu8dG3Ot2DvXcvRZ13OHgOMjESer7vCZr4CnXVW-5-a1LfT_x9V9bFiqJAcG4e9GhXCVflF1bShNilQmE

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ws8_tAEuRhWgyw2rNLf4DQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZCCbGquZPZ5Hbu8dG3Ot2DvXcvRZ13OHgOMjESer7vCZr4CnXVW-5-a1LfT_x9V9bFiqJAcG4e9GhXCVflF1bShNilQmE
date: Tue, 15 Nov 2022 16:10:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4FE0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOo1aMjL9txpye7naD4NJug&google_cver=1&google_push=ASkJ3FbymF5sdy5V3SohMZspIZE4-elm15KQHJtqhpn-aPHo6hc7RPup_SX7tmWHTAuD1i4ElXR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRVZCRlotMTQtOVVFOA==&google_push=ASkJ3FbymF5sdy5V3SohMZspIZE4-elm15KQHJtqhpn-aPHo6hc7RPup_SX7tmWHTAuD1i4ElXRpfYbu5uzYRTDVYx8uee3JFt05

170 B
329 B

147ms
61ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRVZCRlotMTQtOVVFOA==&google_push=ASkJ3FbymF5sdy5V3SohMZspIZE4-elm15KQHJtqhpn-aPHo6hc7RPup_SX7tmWHTAuD1i4ElXRpfYbu5uzYRTDVYx8uee3JFt05

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 16:10:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRVZCRlotMTQtOVVFOA==&google_push=ASkJ3FbymF5sdy5V3SohMZspIZE4-elm15KQHJtqhpn-aPHo6hc7RPup_SX7tmWHTAuD1i4ElXRpfYbu5uzYRTDVYx8uee3JFt05
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 4FE0 43 B
296 B 263ms
19ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBjPUKxKZ1fnnIaW7G64tYc&google_cver=1&google_push=ASkJ3FYTR7rRegBUFA6KGqNHC2TrDAedKwIUP6WeN4XZbkpw0SxxVgYZHDC6KxQB5wJfAJMnCeLglAP2JrKBxpIpsqbpnHrkN8Hu
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9982481797161433&output=html&h=280&slotname=3236614501&adk=599970859&adf=3965145565&pi=t.ma~as.3236614501&w=1000&fwrn=4&fwrnh=100&lmt=1668528634&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.headsuplaunceston.com%2F&host=ca-host-pub-2644536267352236&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668528634562&bpp=20&bdt=1715&idt=20&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc60ebf6e431d1ac-22943fa7b6ce0050%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A&gpic=UID%3D00000b81a7f6bf1a%3AT%3D1668528634%3ART%3D1668528634%3AS%3DALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg&prev_fmts=0x0&nras=1&correlator=2343935915971&frm=20&pv=1&ga_vid=1948568915.1668528634&ga_sid=1668528634&ga_hid=1810714727&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=2822&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705&oid=2&pvsid=2838728575467031&tmod=149499881&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=09zXAnCHsD&p=https%3A//www.headsuplaunceston.com&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Nov 2022 16:10:36 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4FE0 0
223 B 188ms
59ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQab_XhzIWB--gMj-xLkEonQ8498jOgl-W-IiqH_KIjfdhUIYFxxlOPXi6no24Q9C-9vLg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 16:10:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 78BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
61ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 16:10:36 GMT
expires: Tue, 15 Nov 2022 16:10:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 16:10:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame CCD2 36 KB
16 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 21:15:54 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 48F2 0
0

GET mu4genjugq5dcmjrhe3a
greenskymotions.net/go/ 0
0

GET
H2 200 Primary Request mu4genjugq5dcmjrhe3a Show response
greenskymotions.net/go/ 18 KB
18 KB 661ms
26ms Document
text/html 185.177.94.152
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16

Requested by

Host: away.cdnbestplatform.com
URL: https://away.cdnbestplatform.com/go.php?id=11134985467-34-56736-11

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.152 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-152.ah-server.com

Software

nginx /

Resource Hash

8ccd406879f8f90b9a64f4f5e0958f8b720b6ed4473cdd05d4fab82066dd6125

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://away.cdnbestplatform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 15 Nov 2022 16:10:38 GMT
server: nginx
strict-transport-security: max-age=31536000

GET index.php
0.greenskymotions.net/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: go.weatherplllatform.com
URL: https://go.weatherplllatform.com/fly.php?t=ZGZsa3lqaHNnZGY=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0a5OHJOHcGoDoMTSrJ_kxnpsz8P8onQLKZGfWwilH1i_sZEiFTudlcXlVodRQlUcI_2Im3zPQyQ7yAlUCXLOc09F_FD6fquq-kqIOx0Dhl54-qOLJXN9Lkc9ZT2Wp9YSL6D67UQ&sai=AMfl-YQYYNcGkS2ORC1bqeyx5BGER-zC7KyP27yq1IjoG5bEAdR7wrztfOc971fQcuxfe5Bcq9cQmJZRjuMqKSnrGlezG0DPUY6I6pa-AF8bniaO9bmlUAVMWSDua3AyOXE&sig=Cg0ArKJSzCEn0Ed65VZBEAE&cid=CAQSPADq26N9VEPCS1nDpdU4ufQaCj2idkEx4Lw5EW-6KrPUY1ICEvZWop7Q82xN8woSUvjieRddyaAA3Fl7qxgBIBM&id=lidartos&mcvt=0&p=0,0,258,1000&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=4&adk=599970859&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1668528634594&rpt=1887&ec=1&met=mue&wmsd=0&pbe=0

Domain: greenskymotions.net
URL: https://greenskymotions.net/go/mu4genjugq5dcmjrhe3a?sub2=dfastspeed16

Domain: 0.greenskymotions.net
URL: https://0.greenskymotions.net/index.php?p=mu4genjugq5dcmjrhe3a&sub2=dfastspeed16

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.headsuplaunceston.com/	1970-01-20 17:04:48	Name: _ga Value: GA1.2.1948568915.1668528634
.headsuplaunceston.com/	1970-01-20 07:30:15	Name: _gid Value: GA1.2.738601396.1668528634
.headsuplaunceston.com/	1970-01-20 07:28:48	Name: _gat_gtag_UA_54310597_1 Value: 1
.headsuplaunceston.com/	1970-01-20 16:50:24	Name: __gads Value: ID=cc60ebf6e431d1ac-22943fa7b6ce0050:T=1668528634:RT=1668528634:S=ALNI_MbNvcDhQKx67hAYI7jdmMeaYYEx6A
.headsuplaunceston.com/	1970-01-20 16:50:24	Name: __gpi Value: UID=00000b81a7f6bf1a:T=1668528634:RT=1668528634:S=ALNI_MYpPxPDbCdvMrXKvTHa3kAdnb8Xqg
.doubleclick.net/	1970-01-20 16:50:24	Name: IDE Value: AHWqTUkIHSSTLzUhuvIk3tzIRKdzNIy76wr7gdJhdSqP78VpDmrZMMdkkFJQ47Lc_f8
.pubmatic.com/	1970-01-20 07:30:15	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:38:24	Name: KADUSERCOOKIE Value: C2CF3FB4-012E-4615-A0CB-0DAB34B7F80D
.doubleclick.net/	1970-01-20 07:28:52	Name: DSID Value: NO_DATA
.innovid.com/	1970-01-20 09:38:24	Name: uuid Value: d4aeecea-2679-42d3-852e-3072b10c51e4-20221115 11:10:36
.e.dlx.addthis.com/	1970-01-20 16:59:03	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:59:03	Name: na_id Value: 2022111516103600013393657791
.addthis.com/	1970-01-20 16:59:03	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:59:03	Name: uid Value: 6373b9fc63be61e5
.addthis.com/	1970-01-20 16:59:03	Name: ouid Value: 6373b9fc0001be78e5880a8ffae0600801f2a3dc9aa088aa057a
.dlx.addthis.com/	1970-01-20 08:12:00	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:12:00	Name: na_sr Value: 20221115
.dlx.addthis.com/	1970-01-20 07:28:48	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:12:00	Name: na_sc_e Value: 0
.greenskymotions.net/	1970-01-20 08:12:00	Name: uuid Value: 3b466b27-9704-4e0c-803d-1556898ea285

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FaAfpicA5CMmSZTIMfaHBjqe_tPzWemZ6Xz4qr6CjcFoHiGAZmBVbi6I_jMItMvNJkxazUj3RHSN_JHUKGi9ATBRcrytbrp&google_gid=CAESEGndiCCszPYJm0AzMMDd6h0&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.greenskymotions.net
adservice.google.com
adservice.google.de
ag.innovid.com
away.cdnbestplatform.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
go.weatherplllatform.com
googleads.g.doubleclick.net
greenskymotions.net
id.rlcdn.com
image6.pubmatic.com
main.weatherplllatform.com
maps.google.com
maps.googleapis.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pxgcdn.com
rtb.openx.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.headsuplaunceston.com
0.greenskymotions.net
go.weatherplllatform.com
greenskymotions.net
pagead2.googlesyndication.com
104.76.200.221
142.250.184.194
162.241.219.89
185.177.94.152
185.64.190.78
2606:4700:20::681a:9df
2606:4700::6811:190e
2a00:1450:4001:800::2001
2a00:1450:4001:800::2008
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9d
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
34.98.67.61
35.227.252.103
35.244.174.68
69.173.144.139
91.211.91.104
91.211.91.114
0357f182073b90a7a2bd3deb7a12c7a44c6008edd6c209cb07cfe78b4f7f02f9
101ec714713d5dfd72dcc0a3fd034b10eecc969af1f9dd4c5cded1850617ea8e
11a2dda2fbca969359a1f46ac3f0b4b5dd58c426957041d01afc57dcb885dbea
15ff1b3821afd681d5c405d980a27e80997c0f1bca41ab01bb23533d75606df5
1762c96b20cd091471a8d1dacda1e5554faad2b4f41e4fd5ff2ff6cc5473f2d5
1cdeec85bb6f59d4d8270da3fa44567649a6334042ec4df887f3dd01e744423a
3c9ecfdea408321a7f5dcad4dfd4df6affcd077826566568cdd78a8a673cde15
416f8b6ef6161d9470d02a0e239a63e94b490a46c5d1404bff6c516553b4cb00
4db538412c8a50273cfaaaf3164bfc09000afcdc5f11545f009b9040ad6e2aa1
50c664149e71bc6bb22e1a950faeba73cbe20676d338b203450a2665e3b64a1d
58b806f2587e111d360ab05b495cd7d92729da336f15a811a5ba83a2780004c1
595c8179e94fddabd1598615229afa5ef273638874474dace749f2a9971074b3
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6925e69bf8aa5fae24b9117272bc36d6ea4ee13452fbbe5573c64e69d3608ad2
69dd7e44643848d2ed6b9305ddc0a6246c22c397b5ac20d4101b6a558f4e35bc
73f81698cf7954a3706833c84dbb9f94909f48b290fff5b263b3e95aed343e45
7662ec8d21c24b77d07b280c79033b8f939f16a338d6a48e2e7436e9e0dc004a
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
79066a1d9ef05bd56eed607049321dfdd5ba5587541268b06616dbd09b1f1549
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a
83f6846f52a3021d3126d173d451038dab32f5c9c087a3d73d5e78d488ab6a3c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ccd406879f8f90b9a64f4f5e0958f8b720b6ed4473cdd05d4fab82066dd6125
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
97ace9f2b3e1ab15b911363a273a2b807d10089c39603e1327616d36535ed8fb
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e297fabbad29de04fa4815c745fd37be29867f1bf540d96adad3e18ff213938
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aae07dd164641d37bdc8eab830e000cb8a51eb8b976c9b4250e3ab0ddd1a4252
ad07769358e416660ab17cc9b37f55a2c7ef68ae65fd1b710eb9e57973daff16
ad8bdd245667e081de37a79cab7336139619c321645b6eb6a211605464137b0e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5cc45eb6a71ddfc1e8c5f7a20b48120cfceded9a987af10113699cc8cc0aa8a
c3141b534a85ac2a6699ab0cb05163180e28b41a53c7bffdf410adf830f67308
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e33c47534e8d89a1e7fd65632a8be6111253fd10dd8cd32b9bdc8923fc74d05f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bbaab31cde20d4aadff1f89a67335e4910b0b44e43edcb1109fedb9e91fac2
e90a8a0eb68da243e4982db067b61c2bbbbcd0832c393784669498175cbe6ddc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10beee1e3723ab168e63b64b406cc0fa16718449df548ce12d0fb1517ae0a7d
f24f511fea7bfb7117fbf24d8ee9135385be9a52633490feaa6f0a4426f82c16
fca0297a31866c0358aba5efc475901ca4da77f91d44a13653f77d3edfe4bccd

greenskymotions.net Open in urlscan Pro 185.177.94.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

91 %HTTPS

62 %IPv6

23 Domains

32 Subdomains

27 IPs

6 Countries

1705 kBTransfer

3584 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

greenskymotions.net Open in urlscan Pro
185.177.94.152 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

91 %
HTTPS

62 %
IPv6

23
Domains

32
Subdomains

27
IPs

6
Countries

1705 kB
Transfer

3584 kB
Size

20
Cookies

78 HTTP transactions
1 data transactions