wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wheregoes.com/trace/20232483605/
Submission: On May 28 via manual (May 28th 2023, 12:06:03 am UTC) from ID — Scanned from DE

Summary HTTP 282 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 107 IPs in 11 countries across 93 domains to perform 282 HTTP transactions. The main IP is 2606:4700:3035::ac43:b70e, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com. The Cisco Umbrella rank of the primary domain is 763361.
TLS certificate: Issued by GTS CA 1P5 on April 21st 2023. Valid for: 3 months.

This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3035::ac43:b70e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e6:... 2606:4700:e6::ac40:c626	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	167.172.55.208 167.172.55.208	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	63.33.85.96 63.33.85.96	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:e600:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
2	34.248.75.195 34.248.75.195	16509 (AMAZON-02) (AMAZON-02)
3	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
5 7	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1 3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
8	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 10	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::27	26667 (RUBICONPR...) (RUBICONPROJECT)
1 5	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12 15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	193.135.9.125 193.135.9.125	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	217.79.187.69 217.79.187.69	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	2a05:d018:d29... 2a05:d018:d29:3601:cc5:dc1b:2834:9d22	16509 (AMAZON-02) (AMAZON-02)
3 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 5	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 4	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3 4	3.68.180.113 3.68.180.113	16509 (AMAZON-02) (AMAZON-02)
1 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.157.25.132 35.157.25.132	16509 (AMAZON-02) (AMAZON-02)
2 4	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3 4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
2 9	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	34.251.115.24 34.251.115.24	16509 (AMAZON-02) (AMAZON-02)
2 3	34.240.89.45 34.240.89.45	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.74.6.110 3.74.6.110	16509 (AMAZON-02) (AMAZON-02)
3 5	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4200:92b3:de3:12af:b1c1	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.45.237.121 23.45.237.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.241.64.103 34.241.64.103	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.135.173.74 18.135.173.74	16509 (AMAZON-02) (AMAZON-02)
1	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	13.224.189.31 13.224.189.31	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
1	34.243.48.125 34.243.48.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	52.15.58.80 52.15.58.80	16509 (AMAZON-02) (AMAZON-02)
2	18.130.160.192 18.130.160.192	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.30 13.32.99.30	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.209.74.61 52.209.74.61	16509 (AMAZON-02) (AMAZON-02)
1 3	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223f:3600:1f:4c18:bd40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	3.229.221.86 3.229.221.86	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
4 4	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 3	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1 1	3.210.236.185 3.210.236.185	14618 (AMAZON-AES) (AMAZON-AES)
1 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
7 9	18.66.97.115 18.66.97.115	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 17	34.247.205.196 34.247.205.196	16509 (AMAZON-02) (AMAZON-02)
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
1 1	52.202.56.4 52.202.56.4	14618 (AMAZON-AES) (AMAZON-AES)
2 2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.7.147.27 52.7.147.27	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2603:c020:400... 2603:c020:400d:3000:f50:982a:7877:65bd	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	202.241.208.54 202.241.208.54	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 1	80.77.87.162 80.77.87.162	46636 (NATCOWEB) (NATCOWEB)
4	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.20 198.47.127.20	() ()
282	107

13 2606:4700:3035::ac43:b70e (United States)

ASN13335 (CLOUDFLARENET, US)

wheregoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c626 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.172.55.208 (Enfield, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-18.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 63.33.85.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:e600:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.75.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-75-195.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:d::d (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b46f4489daff66e06603ea6e52980509.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.56.202.187 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.219.174 (Falkenstein, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal900029.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.125 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.187.69 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm41.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:cc5:dc1b:2834:9d22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.226.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.68.180.113 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-180-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.25.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-25-132.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.139.93 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.115.24 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-115-24.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.240.89.45 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-89-45.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.6.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-6-110.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 70.42.32.223 (United States) 3 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:92b3:de3:12af:b1c1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.237.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-237-121.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.64.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-64-103.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.173.74 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-173-74.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-31.fra2.r.cloudfront.net

img.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.48.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-48-125.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.58.80 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-58-80.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.130.160.192 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-160-192.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.74.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-74-61.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.152 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3600:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.221.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-221-86.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.45 (Amsterdam, Netherlands) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.131 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.236.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-236-185.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.245 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.97.115 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-115.fra56.r.cloudfront.net

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.132 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.247.205.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.56.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-56-4.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.147.27 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-147-27.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.54 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.162 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337	178 KB
26	rubiconproject.com 9 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 469 eus.rubiconproject.com — Cisco Umbrella Rank: 566 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10109 token.rubiconproject.com — Cisco Umbrella Rank: 573 pixel.rubiconproject.com — Cisco Umbrella Rank: 315 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 953 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 967	62 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 b46f4489daff66e06603ea6e52980509.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	121 KB
19	criteo.net static.criteo.net — Cisco Umbrella Rank: 639 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9070 csm.eu.criteo.net — Cisco Umbrella Rank: 8905	266 KB
18	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1404 usersync.gumgum.com — Cisco Umbrella Rank: 1728	6 KB
18	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214 cdn.adnxs.com — Cisco Umbrella Rank: 1499 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6762 secure.adnxs.com — Cisco Umbrella Rank: 417 acdn.adnxs.com — Cisco Umbrella Rank: 583	103 KB
16	criteo.com 6 redirects bidder.criteo.com — Cisco Umbrella Rank: 723 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2837 ads.eu.criteo.com — Cisco Umbrella Rank: 8856 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9810 widget.fr3.eu.criteo.com — Cisco Umbrella Rank: 18221 dis.criteo.com — Cisco Umbrella Rank: 575	68 KB
14	pubmatic.com 1 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 660 ads.pubmatic.com — Cisco Umbrella Rank: 492 image6.pubmatic.com — Cisco Umbrella Rank: 682 image2.pubmatic.com — Cisco Umbrella Rank: 820 simage4.pubmatic.com	33 KB
14	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1950 public.servenobid.com — Cisco Umbrella Rank: 3536	11 KB
13	wheregoes.com wheregoes.com — Cisco Umbrella Rank: 763361	160 KB
9	audrte.com 7 redirects a.audrte.com — Cisco Umbrella Rank: 1870	6 KB
9	casalemedia.com 2 redirects r.casalemedia.com — Cisco Umbrella Rank: 1339 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	8 KB
9	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 273 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950	7 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41405 hal900029.redintelligence.net — Cisco Umbrella Rank: 348003	56 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	124 KB
7	smartadserver.com 3 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592 ssbsync.smartadserver.com — Cisco Umbrella Rank: 724	2 KB
7	yahoo.com 5 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	3 KB
7	mathtag.com 4 redirects tags.mathtag.com — Cisco Umbrella Rank: 4147 pixel.mathtag.com — Cisco Umbrella Rank: 978 sync.mathtag.com — Cisco Umbrella Rank: 482	4 KB
6	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 17373	163 KB
5	outbrain.com 3 redirects sync.outbrain.com — Cisco Umbrella Rank: 737	1 KB
5	adform.net 4 redirects cm.adform.net — Cisco Umbrella Rank: 1155 dmp.adform.net — Cisco Umbrella Rank: 2844 c1.adform.net — Cisco Umbrella Rank: 562	3 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	1 KB
5	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1346 contextual.media.net — Cisco Umbrella Rank: 599 c21lg-d.media.net — Cisco Umbrella Rank: 2170 hbx.media.net — Cisco Umbrella Rank: 1194	11 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 862 id5-sync.com — Cisco Umbrella Rank: 421	20 KB
4	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 597 ce.lijit.com — Cisco Umbrella Rank: 782	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	185 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 26762 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26468	921 B
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 531	1 KB
3	rfihub.com 3 redirects p.rfihub.com — Cisco Umbrella Rank: 728	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 514	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 21135 api.webgains.io — Cisco Umbrella Rank: 56810	31 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 644	1 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1025 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863 sync.crwdcntrl.net — Cisco Umbrella Rank: 755	12 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 729	361 B
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 10025	7 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4789	562 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	645 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 436	675 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 533	1 KB
2	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1131	352 B
2	gstatic.com fonts.gstatic.com	26 KB
2	tradedoubler.com 1 redirects impfr.tradedoubler.com — Cisco Umbrella Rank: 102921 img.tradedoubler.com — Cisco Umbrella Rank: 82373	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	723 B
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 4139	866 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3581 visitor.omnitagjs.com — Cisco Umbrella Rank: 827	2 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 722	611 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 931	660 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 969	695 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 943	44 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1463	338 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 839	465 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 550	541 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 511	771 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 645	893 B
1	nrich.ai 1 redirects dsp.nrich.ai — Cisco Umbrella Rank: 2740	565 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 686	507 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1295	274 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 855	109 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 874	500 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040	465 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 812	434 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2791	329 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3607	486 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1806	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 601	338 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59947	437 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16768	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 44502	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 195628	931 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2169	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4221	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33513	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2297	399 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1306	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2616	274 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 358	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1927	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1288	99 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 339	648 B
1	adsafety.net 1 redirects cm.adsafety.net — Cisco Umbrella Rank: 21640	1 KB
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 32942	823 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	5 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9037	531 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	877 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 18291	689 B
1	w.org s.w.org — Cisco Umbrella Rank: 1790	1 KB
0	iqzone.com Failed cs.iqzone.com Failed
282	93

	Domain	Requested by
17	usersync.gumgum.com	1 redirects g2.gumgum.com
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net cdn4.buysellads.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net wheregoes.com www.googletagservices.com
15	cm.g.doubleclick.net	12 redirects wheregoes.com g2.gumgum.com
13	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdn4.buysellads.net static.criteo.net
13	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssum-sec.casalemedia.com ssbsync.smartadserver.com g2.gumgum.com ads.pubmatic.com
13	wheregoes.com	wheregoes.com
9	a.audrte.com	7 redirects ssbsync.smartadserver.com ads.pubmatic.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net wheregoes.com
8	eus.rubiconproject.com	wheregoes.com eus.rubiconproject.com cdn4.buysellads.net public.servenobid.com g2.gumgum.com
8	ams3-ib.adnxs.com	cdn4.buysellads.net wheregoes.com cdn.adnxs.com
7	s0.2mdn.net	wheregoes.com s0.2mdn.net
7	pixel.rubiconproject.com	3 redirects ads.eu.criteo.com eus.rubiconproject.com
7	gum.criteo.com	5 redirects static.criteo.net
6	cdn4.buysellads.net	wheregoes.com
5	sync.outbrain.com	3 redirects ads.eu.criteo.com g2.gumgum.com
5	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com ssbsync.smartadserver.com
5	match.adsrvr.org	googleads.g.doubleclick.net wheregoes.com ssum-sec.casalemedia.com g2.gumgum.com ads.pubmatic.com
5	hal900029.redintelligence.net	1 redirects wheregoes.com hal900029.redintelligence.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com wheregoes.com
5	ib.adnxs.com	2 redirects cdn4.buysellads.net acdn.adnxs.com
4	image2.pubmatic.com	ads.pubmatic.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	simage2.pubmatic.com	ads.eu.criteo.com ads.pubmatic.com
4	ups.analytics.yahoo.com	3 redirects
4	rtb-csync.smartadserver.com	2 redirects ads.eu.criteo.com ssbsync.smartadserver.com
4	x.bidswitch.net	3 redirects
4	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	hal9000.redintelligence.net	wheregoes.com hal900029.redintelligence.net
4	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net
3	creativecdn.com	3 redirects
3	sync.mathtag.com	3 redirects
3	p.rfihub.com	3 redirects
3	sync.1rx.io	3 redirects
3	ads.pubmatic.com	public.servenobid.com g2.gumgum.com ads.pubmatic.com
3	ssum-sec.casalemedia.com	public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com
3	ssbsync.smartadserver.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	ad.360yield.com	2 redirects
3	dis.criteo.com	1 redirects
3	pr-bh.ybp.yahoo.com	2 redirects ssum-sec.casalemedia.com
3	tags.mathtag.com	1 redirects wheregoes.com
3	id5-sync.com	cdn.id5-sync.com ads.eu.criteo.com ssbsync.smartadserver.com
3	fastlane.rubiconproject.com	cdn4.buysellads.net
3	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	api.fouanalytics.com	wheregoes.com api.fouanalytics.com
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	d5p.de17a.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	us-u.openx.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	dmp.adform.net	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	ce.lijit.com	2 redirects
2	sync.adkernel.com	public.servenobid.com g2.gumgum.com
2	secure-assets.rubiconproject.com	2 redirects
2	api.webgains.io	analytics.webgains.io
2	googleads4.g.doubleclick.net	wheregoes.com
2	fonts.gstatic.com	fonts.googleapis.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	match.sharethrough.com	ads.eu.criteo.com public.servenobid.com
2	contextual.media.net	ads.eu.criteo.com cdn4.buysellads.net
2	secure.adnxs.com	1 redirects ads.eu.criteo.com
2	ad.sxp.smartclip.net	1 redirects googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	googleads.g.doubleclick.net	cdn4.buysellads.net pagead2.googlesyndication.com
2	cdn.adnxs.com	cdn4.buysellads.net
2	mug.criteo.com
2	ap.lijit.com	cdn4.buysellads.net public.servenobid.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cs.admanmedia.com	1 redirects
1	tg.socdm.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dsp.nrich.ai	1 redirects
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	cms.quantserve.com	1 redirects
1	hbx.media.net	1 redirects
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	public.servenobid.com
1	sync.go.sonobi.com	public.servenobid.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	c21lg-d.media.net	contextual.media.net
1	public.servenobid.com	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	s.thebrighttag.com
1	beacon.krxd.net
1	cdn.track.production.webgains.team	wheregoes.com
1	analytics.webgains.io	track.webgains.com
1	www.googletagmanager.com	adv.office-partner.de
1	fonts.googleapis.com	hal900029.redintelligence.net
1	img.tradedoubler.com	wheregoes.com
1	impfr.tradedoubler.com	1 redirects
1	www.awin1.com	wheregoes.com
1	track.webgains.com	wheregoes.com
1	adv.office-partner.de	hal900029.redintelligence.net
1	sync-criteo.ads.yieldmo.com	ads.eu.criteo.com
1	ad.yieldlab.net	ads.eu.criteo.com
1	a.twiago.com	ads.eu.criteo.com
1	criteo-partners.tremorhub.com	ads.eu.criteo.com
1	exchange.mediavine.com	ads.eu.criteo.com
1	matching.ivitrack.com	ads.eu.criteo.com
1	visitor.omnitagjs.com	ads.eu.criteo.com
1	cm.adform.net	ads.eu.criteo.com
1	eb2.3lift.com	ads.eu.criteo.com
1	criteo-sync.teads.tv	ads.eu.criteo.com
1	sync-t1.taboola.com	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	px.ads.linkedin.com	wheregoes.com
1	cm.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	widget.fr3.eu.criteo.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	beacon-ams3.rubiconproject.com	wheregoes.com
1	ads.eu.criteo.com	wheregoes.com
1	pixel.mathtag.com	wheregoes.com
1	b46f4489daff66e06603ea6e52980509.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	s.w.org	wheregoes.com
0	cs.iqzone.com Failed	g2.gumgum.com
282	144

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
wheregoes.com GTS CA 1P5	`2023-04-21` - `2023-07-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-09` - `2023-10-09`	a year	crt.sh
cdn4.buysellads.net R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M01	`2023-03-24` - `2024-04-21`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.a-mo.net R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 50 frames:

Primary Page: https://wheregoes.com/trace/20232483605/
Frame ID: B3991FB9E84596082137D11E57373027
Requests: 50 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com
Frame ID: 04C408A40F481289364ACEC32382FB87
Requests: 2 HTTP requests in this frame

Frame: https://b46f4489daff66e06603ea6e52980509.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 193FB932616797C0E0B0258BB029A0EA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYiPXNHWi7b9YT2D8WATqHbJGpXhJLVnYMGt3PF5Uh_Emj-IkVZP-fpeOm13umGKRJpU4O4sxDqm13ipJRsb40Nw7lokNJG6kkeM7-_OFol8quVxp1dp3YxCcvaDsT30XSVAqY6gzfxWkKF2D-OhH5dU4fMaUYVwVhybYVghH9KV102wLWpG6I5nFMG9lZqFKC1i3b9RIS80BTNdLJ027WcPVOkOa3XIF0x3wfBtVaAbW_teWR2NrCKDugv6ricjXBq-dygcDGmbyX62iERFtRfqHic8TMMpr1Qo9GByaASOLt2hvdMZw6sKqjP8TbHWv3CN8HpVAze6iQVjAkCUi9DsAF9w&sai=AMfl-YSHtltn08UenGPnM6M8qVeUJLXhx7wq0dSqQatw9WkguKXrB7C1ix-rXUffPKW6JUoju3lI36mo8NI5PMnUMIa2p3DYVVBd6ooxmuYGjlReg9L35avuD9fQ8UVQ9Tua77QFekmqMLrpeEEtYHA&sig=Cg0ArKJSzKgy40gy_6WPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 934620C724A5FBDD2DFC647B75F54AC2
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwdMTHQOjfxzvkFbJmtxw3GnfX2JhhoLZ_ZNd6cZp_f66tU0wkS5l_q2kFAsmOs8gUJYxybkCa28Uy0eoo2_I0v2nTgeX1Og9adNYrK6CnCaz43FmpdASCUOXl3J1DSJE2XFLlM97tnOznD5KmsZCdZaensQzrk39KFUrTV_QCOyDQ86nxlr5CM8dKCpQJe5pRc8UCmIWVOJjLwsdcMNr4GuEd-GlHD0NL2Me8VE7aU7Ur83VC9uRDN-wzMgqXmgjpvUqVIyRgCKzxm2LVQmRVUyYBJeRxHNCzfXUUQ4ExnqGJPJyiBGqjiv3SguBA5L2olfr7jWLTI1jKkwIHFS0jYg&sai=AMfl-YSYYilpPCaZ44gmx4pSltqbFFYRZe5_1GfMZCj9Akk70gDQXejk2XQc5LSl2H7c_B_h99whfdG13RvP2W7IhTMYvdpA1hDkNwgL5H6RDS9hMUuasqn9FA_VvH3s4gd6a42onwh-fTNyPAsNYEg&sig=Cg0ArKJSzAteJZXbDeZ9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7140573A3163482D00227025EB124540
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDqnmIMya5K4aydwLJZwC8IPOtbNdwnnvZq-yUq7gPLGAzUpAPU69ioqmM6mt6qEbrwIcvwIw7fYo10jAVzSNqHW3103vN__KPYH68LVkzGJVUf2rOarHpFZ1WegcVWJi5dOGycomPZqfhZk9bok8zTryKNzau8jG7AQlOMOgg0RlAaBddqSypgnAQSn6zc1YwzAHMgAYkAClcx1MFfTtnXghYTl5KnIwYjuMZoOh4AT_5VPFa4McpQLgOVY28-32_bL4vlf1S9wLnz3asTfXFskkVRxVwQLy1pqTFarZE5iTuZWTkd0_6O9IfrTesRq5tyj2gjJRtVk8LP0Z2StknkQOwT-7b5Ug&sai=AMfl-YQCQbca1NGw7zd3EtG-5oF_dJkggO017WqF0uDkRK-bedHUIa7uWRniFIq60nOGmhubm6u-8jg1ugzT7htl79-WxGoCpevG5KhhpcAxDGT9uJDSM2ExI0Iv-G2ePBXh7UX-yhs-FhQAz3x-dZY&sig=Cg0ArKJSzGREM7a6zqTvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CCE23A3DBC1C472FF735CE4E25375C54
Requests: 25 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Frame ID: 1A5D8712B825E38C74C5BA941B12BC92
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 8E6B4A66F5575418FB3F2173BC9970B2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjU3vPiATAB&v=APEucNVOB5P1ZWIRCR-GRP-TjeZuLws2dDXlG_o7UxYyMgvAoyy8hLksKgs_yP-x10sjQ4ElpWEsLtrd3g7vVHatz8xUf07aPFJoQtkSdDRqxiE4b7Fq-RmQDA3KVbCuwvTTMQVfA60GiKyvG3FtLYnVhuSSyIfqSFLa-FlqP_g4vrFZC81HdNpmqh37vhU1x6VU0glj_j91jAOnLVJ-OXWWZp_GX1ezhI2pBNlenxdalge_kp6V7Mc
Frame ID: F0B014597C0FA7191D0083D0817FEE92
Requests: 3 HTTP requests in this frame

Frame: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64729ae59959583edf155df17aca1587&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false
Frame ID: 22F4DF7BE0FFBABFB083F871E18C03EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 735AB4851EC1EC50459FA85F891775C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07DEC430A5A1D7D8FB1845477790C3FF
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ETEyNAfyAxJKbFc1RE-gSZrbp9BDwfL-OA2vVQ&expires=30
Frame ID: 9D51B634C372665B593E1EEA21B919F3
Requests: 28 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 06570F5B8A9DB9F2CDB9D9A328964114
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
Frame ID: 417224A85136DFA9F654C7B21CC5F2A2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BC9B9A952455D35480F51D5EA65E47DA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html
Frame ID: 1B2E899CE0FC2E3CE9C718212D3F4265
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Frame ID: 727F5BD287B4F46067134996C0F5B397
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: EB858A81EE8540789C0D2A7CE0D09321
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1685232357327
Frame ID: 9470CD0032B2577E86DFDBC46B11096D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 11D5722FB08885906F21AC616FBBBC56
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2732BA61B43BCAF2BA539AF120BBA96B
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3B9E3B277F18805F9A6DC313CD6F24B4
Requests: 13 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 186FE446FBFE57B8A6CE9D447CEBE48A
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 71B1F298782054AB562295CCEC58DD29
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: EC2F67AD1BA15EA486F9C7B261CF1372
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 1123AC7C85CD53E75C93A41637CBCA25
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: C73C76AEC274E0F57EF47D32AFD98595
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 20F88DC97B5BCCF889637841CA0BDC06
Requests: 12 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 3734A79D3678C3D4C21085B04B983300
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: C152B454D41CAECE659BD91B49E0AA49
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: B12FC5D591CA46D3E530A48EF420DFC3
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 9999C211EA4F010B20CCCEC11AD0C729
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: D1C958AC8DCD0200DE8F9B53B0CE21EC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2A8758352B1C2B9ACE9E6D950FC2E6C8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 17715827B9546140793E4E669643A271
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=
Frame ID: EE6116EC8B166480B1ABB7962D47E2EB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZHKa6AANZFcxZQBa&gdpr=0&gdpr_consent=&_test=ZHKa6AANZFcxZQBa
Frame ID: 10E81A3A21C74076BF3357665826D6E4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMDcwNTBlYS0zMTVlLTQxYjItOGVlMS0zYTMxYmM1YWQ3NzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 0A5D44B8FB8511BDD3D9217E2C96E4A7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZHKa6cCo5ssAAKe8xJAAAAAA
Frame ID: F420B1FF4B4619C3B9529C4D1EF9A117
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=61dcd3de-6347-42c6-96f2-db0d0787e501
Frame ID: 3A2248CA9915BE263C58CB6B27D45FEE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: FD73EC9AEF0A56D65103281F9F10C7E4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=zWmv2AMEIKjLEuWMpWa2&pi=gumgum&tc=1
Frame ID: B61237F6C96D4EDA47F4C4BC43DDB743
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3D091424CC61D2B9BA2AFE44ACC61225
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=
Frame ID: BB30F1C45646F287F2D014D0B71D7962
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825224141390
Frame ID: B9E121D62A36C14E462F0B910F5330A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 57DB0E821E8CE54EA1ABC2F16E1F592A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2203260035567559171
Frame ID: E2AE86A9652D3EF329D0CF1BF54A8791
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=53544C99-45ED-49E4-A1E4-0671C2D599C3&redir=true&gdpr=0&gdpr_consent=
Frame ID: 3F7CE6726655566ADFB3AA7A3246FD7B
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=53544C99-45ED-49E4-A1E4-0671C2D599C3
Frame ID: 7A22D5247F8E0B60CD2D098D8998E120
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trace Results | WhereGoes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

282
Requests

80 %
HTTPS

25 %
IPv6

93
Domains

144
Subdomains

107
IPs

11
Countries

1754 kB
Transfer

4309 kB
Size

128
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/WhereGoes_com
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=QU3ym3x3UzZKcGN1NzljR2RwTkovVFJ3WEI1bkJ6QUhJL0NmaUp2YVI2b2dHZzF0SUw4LzdiZTlHdmNLM01QSlZ1d2hmbFNhclNWc1h2UUFSVWQ4dGE0YjFQODYzcS81RGpySmo0ei9tQi9NbWpDaFRsOVdMS1hTTDVFeGxyYVphOGZBTC9aK2NidDlvTkxBSzV3bk4rcU5qZElGTjJneDVjMDZlT0RWZUtDZGt2TUh0ZXI2MXJZbjZsTWR0dE45Vmx1ZVlEK0hCMlFzekJyZGQycWFjTGpyWXEvY3V2WFZDaDh6T3N5ZzlMYlpvRlAxRUtQY09vNnYwWWl3ZzFFOFJwdWkyU3QwU2grdWtaSS9pQXEzK2tnVFRWUT09fA&cppv=2

Request Chain 59

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTW1RMFpUY3hNbUl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MjgxNDk0ODMwMDQ4MjgxMDIvNjYyMjQwNS80NTYyMzEyLzEzL3BsWjhWR3VrbnppclRLRkhTMEdIWExhTTl5M1gxSGxoT0JMZHZFUmt2Q2svMS8xMy8wLzAvOTU2ODAzLzMxMTc3ODM5NDkvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY0MjgxNDk0ODMwMDQ4MjgxMDIvYW1zLzAvMzEvOS85OTkvMTYyLzE4NS4yMTMuMTU1LjAvMC4wMDAvMTY4NTIzMjM1Ny8xNjg1MjQ0OTU3LzEzLzEwNzAxNDEv/6qWaEJxhlc4KPU178STRveA84bw&nodeid=3304&group=cdg&auctionid=6428149483004828102&pbs_auctionid=6428149483004828102&shardkey=6428149483004828102&sid=4562312&cid=6622405&bp=a_adafih&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.134.228&type=imp&client=c2s HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=6428149483004828102&node_id=3304&exch_id=13

Request Chain 74

https://hal900029.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6428149483004828102%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=6818593416005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900029.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6428149483004828102%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=6818593416005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESENG6wG-7rbdZRUVpPVwlREA&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESENG6wG-7rbdZRUVpPVwlREA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=37b5d98dbf86cd0dbc521231bccf8460&uid=37b5d98dbf86cd0dbc521231bccf8460&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEMUssBwJyInKUuD7ZSjswvI&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEMUssBwJyInKUuD7ZSjswvI&google_cver=1&ang_testid=1

Request Chain 97

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/e_y2fXTHHGdaVUktlqbVMw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UBMk1c5E2oJTcCdxQqVLhsg7zXPEHlwsEHOusw--~A

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIgHqOMbUhTOTs5o61dIUIE&google_cver=1

Request Chain 99

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1NTZlNzNiODUyMmFmNjFjZDYzZGE3ZGE1NWQxYjI2YzA0MmJhOA

Request Chain 100

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI6NU16A-25-XAT

Request Chain 101

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H2QIgw2EQ5yP10NV3EtfMA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H2QIgw2EQ5yP10NV3EtfMA

Request Chain 103

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aUCEJS0ZQAizp5WFZjWSMw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aUCEJS0ZQAizp5WFZjWSMw

Request Chain 104

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk2TlUxNkEtMjUtWEFU HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMi2M2VJB5z2qIf6Ln_LT6U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2TlUxNkEtMjUtWEFU&google_push=

Request Chain 110

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ETEyNAfyAxJKbFc1RE-gSZrbp9BDwfL-OA2vVQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ETEyNAfyAxJKbFc1RE-gSZrbp9BDwfL-OA2vVQ&expires=30

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZA_blAfyAxJKbFc1RE-gSZrbp9CA0Mbc_odkBQ&google_cm&google_hm=ay1aQV9ibEFmeUF4SktiRmMxUkUtZ1NacmJwOUNBME1iY19vZGtCUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZA_blAfyAxJKbFc1RE-gSZrbp9CA0Mbc_odkBQ&google_gid=CAESEB4wERfmyLTJ3ID5X-NL97o&google_cver=1&google_ula=913071,0

Request Chain 112

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5406120377368137467

Request Chain 121

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9UpKrgfyAxJKbFc1RE-gSZrbp9DiPDMetJoDkw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9UpKrgfyAxJKbFc1RE-gSZrbp9DiPDMetJoDkw&verify=true

Request Chain 124

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3clGMQfyAxJKbFc1RE-gSZrbp9BJi20PbVTCxA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3clGMQfyAxJKbFc1RE-gSZrbp9BJi20PbVTCxA&C=1

Request Chain 125

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=01TB7S78NQvUN_PexiXAClCBYbyC8S0y HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=01TB7S78NQvUN_PexiXAClCBYbyC8S0y

Request Chain 127

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-5kN9ZAfyAxJKbFc1RE-gSZrbp9DVQTizqjIjQA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-5kN9ZAfyAxJKbFc1RE-gSZrbp9DVQTizqjIjQA

Request Chain 140

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(97383300005799400951443012338029)613189095 HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 159

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jui3NgiUKvHc1pal_T199Wlit-N2W0cB

Request Chain 171

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iRwRj2izv3dKmw6z7OPYfqh25HE0fIsK

Request Chain 196

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=W9rR9F9scEZ2JTJCJTJGTU4zNVdybTZNZWRubXlKWkdVcm51R3ppYUt5MU8zQWpNZ1JrZHB4RzU0RlVGM0RQM1g2Tzg4VVlSRFZzVnhMSDI4MSUyRjVRcjhmcXpCZ3ZLJTJGMm81ckZ2MGNyTjJER2NqNDdMOHE4aWM1Z1VFQ3NVTml1dnRSSkY1SVRvM1dpU1hBQ2ZiRGhZQ3h2eWJmcFJ1QSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EbnBQnx3eHZwajY1WFlOcGxVcDdFWE5Sc2dlbndJVUFncHZlUDZROXdqTnloYXBpSHI3d3ZBeTlCSGtOdXoyd3VmSkU2MmNMcG1BVXJtWW9MZXdHOHVNTTN5Y0ZDQ0JkK0tmVjBubkJrQys3RGxxemI5cVhxS0N5ajNMQXpvN3NkeW9vWEN0STFKTWl4cXJkYTZ6enF2NE1rYTF2ZE5aU2RTdURhV01uZWVWMFBuZDFpZnBlNFYvUUVhYWF0SWdvdUc3OVVISWpLT25KeUZLMEtPRkF2MWk4Mm81cmwraEpWT0QvK0VJdllHaXhrZ1hSZnE4NERXdVV5NnlYb3NpUWhqL3k3QzNLL084S001UkxWeEYwa0YycitxeWhuSDFhQ293bGNoWWl4WEM4a29DTT18&cppv=2

Request Chain 208

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 213

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=5406120377368137467

Request Chain 214

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=Gt9mrRZHp55ytvBjTP2xY7Cm

Request Chain 216

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1685232360808 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1734776722 HTTP 302
https://sync.1rx.io/usersync/turn/8652146884359079182?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003

Request Chain 217

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5134455419384659236

Request Chain 220

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A

Request Chain 221

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-7b38cc84-a6a0-3b71-9039-70e214cc36c1

Request Chain 222

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A

Request Chain 224

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 227

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZHKa5tzRYLZfjMtOWmTNwAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMlik9lDL_7IDS29bE9Cyck&google_cver=1

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHKa5tzRYLZfjMtOWmTNwAAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw3jQaLU6hU-hKncVH0fhg&google_cver=1

Request Chain 232

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e7026472-9ae5-4401-9cbe-7a98e6149dc1

Request Chain 233

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210825224141390

Request Chain 238

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4049060541653575330&gdpr=0&gdpr_consent=

Request Chain 240

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=uij8X7V9rlWheKhcuS_mD-4lqAihKfoLvS31zyrV

Request Chain 241

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDFmQzZKZVloNXlTdUMtRmlUdXlqb29tQQ==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDAxZkM2SmVZaDV5U3VDLUZpVHV5am9vbUEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDAxZkM2SmVZaDV5U3VDLUZpVHV5am9vbUEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDAxZkM2SmVZaDV5U3VDLUZpVHV5am9vbUEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=2307736630812145290&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDAxZkM2SmVZaDV5U3VDLUZpVHV5am9vbUEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=01fHTUp1NO6ROK5GmdECwwf7g&gdpr=0&gdpr_consent=&redirurl=http%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttp%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
https://a.audrte.com/match?uid=4049060541653575330&p=M501991648&r=http%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 243

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=5406120377368137467

Request Chain 244

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=e1e5e2d3-6a69-46dc-b7fa-23a73277d789&expires=1&user_group=5&ssp=gumgum2&bsw_param=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 245

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-e3e1ac07-27ef-526c-5716-b5256910c2dc$ip$185.213.155.141

Request Chain 246

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=yZQYHMNNKy1XU0Tbly95&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26K2KFMUQTKOJZFXSMKYKUYFIYTMPE4TKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26K2KFMUQTKOJZFXSMKYKUYFIYTMPE4TKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=yZQYHMNNKy1XU0Tbly95&us_privacy=1---

Request Chain 247

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=mkmFGVWhP4WL&ev=1&pid=558355

Request Chain 248

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl%29%26gdpr%3D0 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&obuid=ENC(x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl)&gdpr=0 HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0 HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&obUid=x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=zWmv2AMEIKjLEuWMpWa2&pi=outbrain&obUid=x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl&gdpr=0&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=platform

Request Chain 249

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=41811d45-0e71-4714-992f-444807679486

Request Chain 250

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-ZB7R30pE2pe80y581.T2fhf_ELWJLD3DHzZ6~A

Request Chain 251

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=b18dea77-a6d3-4127-b677-ba77b6c8a675

Request Chain 252

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

Request Chain 254

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=ec5c77f9-dc7d-48ef-a716-f8faa0f01c90

Request Chain 255

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=4049060541653575330

Request Chain 261

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=

Request Chain 262

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZHKa6AANZFcxZQBa HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZHKa6AANZFcxZQBa&gdpr=0&gdpr_consent=&_test=ZHKa6AANZFcxZQBa

Request Chain 264

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZHKa6cCo5ssAAKe8xJAAAAAA

Request Chain 265

https://cs.admanmedia.com/sync/gumgum?puid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=aad&i=61dcd3de-6347-42c6-96f2-db0d0787e501

Request Chain 267

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=zWmv2AMEIKjLEuWMpWa2&pi=gumgum&tc=1

Request Chain 268

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 269

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=

Request Chain 270

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825224141390

Request Chain 271

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 272

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2203260035567559171

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U1RMmUXtSeSh5AZxwtWZww%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 277

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3003143263 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53544C99-45ED-49E4-A1E4-0671C2D599C3

Request Chain 278

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=53544C99-45ED-49E4-A1E4-0671C2D599C3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDFmSFRVcDFOTzZST0s1R21kRUN3d2Y3Zw==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=2307736630812145290&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119 HTTP 302
https://a.audrte.com/p

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTM1NDRDOTktNDVFRC00OUU0LUExRTQtMDY3MUMyRDU5OUMz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPbZTpSD-E-99I9HfeY4Fzg&google_cver=1

Request Chain 282

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2307736630812145290

282 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wheregoes.com/trace/20232483605/ 20 KB
6 KB 235ms
180ms Document
text/html 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e513322d53e0e80a5bedad804e8319b1a9f726b8f7e8b1f1009260c02690fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ce23fae88bbbbf1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 May 2023 00:05:55 GMT
fastcgi-cache: MISS
link: <https://wheregoes.com/?p=19>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NfelDSWy0h6gWKKsVBd6sq0dVCtohIaYCNS2DX2rrNE4AZ2FJq65MeY%2BTAhDLL5vQQuajYMnHNu%2FLkT5aGW6skFwkLqlCtEWatmJxgy%2FEIs4O37Sf%2BXov7xOo2WclPHxynye6%2BtROeVYzPT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
wheregoes.com/c/cache/autoptimize/css/ 238 KB
85 KB 23ms
22ms Stylesheet
text/css 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f37a5d48012b60d0912d3469d5d2e1557238e8b91695dbdfa4abf4519aae6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2263236
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:53 GMT
server: cloudflare
etag: W/"642ddfe1-3b648"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkYLJBKoRCm5qoaA8FBGxk6pDRDfDp5sN3P343ag0nrPB34Kmc1Yb9bBiLPm5WHYfkEIKZy9E6fcU9%2BLVL%2FraDmZee0ifl1%2BbZM8shhScEshNd1fpO58ZzoXIQZSnmoR8Q1Se1qvZ4bVBKLa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fafa9b2bbf1-FRA
expires: Thu, 04 Apr 2024 20:54:00 GMT

GET
H2 200 jquery.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 88 KB
32 KB 115ms
114ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202305280056

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-15ed7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvWL3jf%2FW9KObnsMOiA%2Fp41gjHP8OZ%2F3pyxUAG1u1gVJAy7KkSM6agnA3pkXulzKLjw2sQIOy65%2BBbjPIKb6uMbyEFEyS2L71W1sRlj2BkdV9kSvSXaAzrVThZKgSurkEyJJXoByUOcDiAwg"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fafa9b4bbf1-FRA
expires: Mon, 27 May 2024 00:00:40 GMT

GET
H2 200 jquery-migrate.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 13 KB
5 KB 110ms
110ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=202305280056

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-3470"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0twKyz2vZxfr4%2FVMrzCs27FlGqvSjnm9Bx5jxfY3tGm%2FZFfnOxOytCH%2B5%2FL0X6yU5fHMppP5bbFn2K6kapmxX8TUrOCEYirtJO9OlAFYkCbGKzNLdTkSmcX%2FN%2F0ZzREt%2BgyShL8K8ErtEmed"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fafa9b5bbf1-FRA
expires: Mon, 27 May 2024 00:00:40 GMT

GET
H3 200 script.js Show response
wheregoes.com/js/ 1 KB
1 KB 14ms
13ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/js/script.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
age: 2607
x-cache: EXPIRED
cdn-cachedat: 05/27/2023 21:55:26
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.3
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 27 May 2023 22:28:23 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpUTe0nQEBmIMGo6jUfcT2AIMzOIpOET3R8yPnE4zF2pBDWuhCx3qz8%2FuIKq%2FSsJPJ8cBVzjrbR7uhvIYlVpUw9R7C7TXaMJWE7xPemih9ijAaazLQuhuloe%2FYyt%2B5QVhiDblNajBsEyoA3F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=14400
permissions-policy: interest-cohort=()
cdn-requestid: bfd0fd85629c637f29b652145c500661
cf-ray: 7ce23fb0788236de-FRA
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 init-1144pc80p2fur20uadwq.js Show response
api.fouanalytics.com/api/ 318 B
720 B 385ms
336ms Script
text/javascript 2606:4700:e6::ac40:c626
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a7d8c7d9cc2d954be3e4e6420a65bda5306db7beddf4c36b14df790909a9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dk4WE0wesRZWm8xd%2Fw7EczaZYTGKQ3ZDwDqVyBy64mh6w9OCNKRQtmemegXUp2N6EFoVoGFOK7YomKRY6FC4oWhacmuE%2FmivWtsfiTOfL5nGiursSpBxviEpSZjBpY0SmK3gTsUk1mgr382yuhv2fQioAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7ce23fb0cbc51e53-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 arrow-redirect-wheregoes.svg
wheregoes.com/c/themes/custom-theme/img/ 1 KB
1 KB 17ms
16ms Image
image/svg+xml 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/arrow-redirect-wheregoes.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be0cd36c7aae81d58d929850be4471dcfdae950c9c90f99f1b43e5ed38f82dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2698441
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Apr 2021 19:20:06 GMT
server: cloudflare
etag: W/"60734be6-448"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MpAW%2B6VkaDxas8SQlpS49a%2B3IP7qbIUOm2tTgNTE%2FcP0DMG7mnkeXktMBooPB7aDxJai2zJ5fogV6EKoyESI6hs26SN7OA1sQQXG5Yzi70XrKvhMSBsxx8l5g5iS4uDGgGeVG02k%2FnTeZgc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fb0788336de-FRA
expires: Thu, 21 Mar 2024 07:28:22 GMT

GET
H3 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/swv/js/ 10 KB
3 KB 112ms
111ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/swv/js/index.js?ver=202305280056

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Apr 2023 14:21:42 GMT
server: cloudflare
etag: W/"64453ef6-2801"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldSXtn5uyG799ySbi0ff8l%2FxVRWhGCabcEeuxKjiFBSRBZmw5N5vI%2BIcltW72%2B9U4xxB54GfDlPUFj8qc6SVcv%2FOGoP0phvK2IABmuypDh3xWKmVKZCmg47OXlB8FKnInQkp2ZqVUPMHR3Iy"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fb0586836de-FRA
expires: Mon, 27 May 2024 00:00:40 GMT

GET
H3 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/js/ 13 KB
5 KB 103ms
103ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/js/index.js?ver=202305280056

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Apr 2023 14:21:42 GMT
server: cloudflare
etag: W/"64453ef6-328f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1hZASUS3li3bFnHqvcLokeANvK78uSLum4SxB2ENeycupv%2F8xhHJIq4MqCl7lXAbZjoIU5HlgbmBhx5LiAKNCgoR%2B6WS6ZJwTFtGK9LsU3sVLcIG%2BuhnvlTD1CFuMl6xoo19aSV43SZ6nW0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fb0687936de-FRA
expires: Mon, 27 May 2024 00:00:40 GMT

GET
H3 200 main.js Show response
wheregoes.com/c/themes/custom-theme/dist/js/ 5 KB
2 KB 106ms
105ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/dist/js/main.js?ver=202305280056

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Feb 2023 20:32:40 GMT
server: cloudflare
etag: W/"63e55868-1464"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOWcTD0tFlgtIuesL37bx4M05oax1l%2B%2Bd3Qmi6%2B0ifBtDCf%2FQ8Vhu2v8rFBifWLGGtKk6SrYXTavdx%2Bq7veBGWK3tUViNdIQmlV%2FFhnHVd0ZVUyClTmmBZzgJwo2UpQ4t%2Bbd6r87xWdLRQeb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fb0788136de-FRA
expires: Mon, 27 May 2024 00:00:40 GMT

GET
H3 200 wp-emoji-release.min.js Show response
wheregoes.com/wp-includes/js/ 18 KB
5 KB 104ms
103ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202305280056

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20232483605/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-4904"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cgQu0Ixq6TbanHfO3iIMwvxRAZu2v6%2BtMSfg4RVNmYafgqm8NjP1c00WTNNfDJL9gawTKgs6NZUci2jfvVe%2F3B%2Bfif9KtlQEq5pZ0UwO2lsSNn16Dy2aR%2BXJrCBYnA1XPRGC5LQi%2FapQt%2Fl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fb0788436de-FRA
expires: Mon, 27 May 2024 00:00:40 GMT

GET
H2 200 wheregoes.js Show response
cdn4.buysellads.net/pub/ 476 KB
136 KB 319ms
282ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 2fb1340c2c035f2e93af346eefb0c76f8714bca0ce7385c8d6c3221a3565c587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
content-encoding: gzip
last-modified: Sun, 28 May 2023 00:01:45 GMT
server: AmazonS3
x-amz-request-id: 6690CDVVVFTHZV61
etag: "b6144484b10d786a884a944a4888d405"
x-amz-server-side-encryption: AES256
x-hw: 1685232355.cds281.am5.hn,1685232355.cds126.am5.sc,1685232356.cds126.am5.p
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-id-2: 7NBQP7jpI4lNDWsGIDSWOLdTnIAKvl+D+eAM8PxAsMFk4YFJJ0rVIBmqj4FA1qomJw0ZRGKne8o=

GET
H3 200 logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/ 15 KB
6 KB 13ms
13ms Image
image/svg+xml 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9254936
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Apr 2021 19:20:03 GMT
server: cloudflare
etag: W/"60734be3-3afa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQuuH4L2r66oyedaYHzAl5gDrlLNQJmblcd%2Bg97UWqVmuIH8BYHE4BV6BAQR3OGEfqRVamADnGUAyFyF1lM%2BitFGV8bnVu6oytfGaBwZn4a8b7jUIenSfd5b21hT1nHgrQnzhYpe3olNx0yk"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7ce23fb0888636de-FRA
expires: Fri, 09 Feb 2024 21:14:10 GMT

GET
H3 200 wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/ 8 KB
8 KB 15ms
15ms Font
font/woff2 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9254936
alt-svc: h3=":443"; ma=86400
content-length: 8024
last-modified: Fri, 18 Jun 2021 18:52:37 GMT
server: cloudflare
etag: "60cceb75-1f58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SU6s8LolcfK8oOjaQ7znsFDYl2gw2tkSG7QisOnLVFMKyBPcTLtWYclBugnKU2Nswc3vUdrJuPnDePwSDt7mlJzaGtbf5ibp3PnTWPNcZ3%2Bsvh9lEpVGSA9UO31HHyiO%2BveuzTV6aRmGoXpa"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7ce23fb0888736de-FRA
expires: Fri, 09 Feb 2024 21:14:10 GMT

POST
H3 202 event Show response
wheregoes.com/api/ 2 B
764 B 263ms
262ms XHR
text/plain 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/api/event

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wheregoes.com/trace/20232483605/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
cdn-cachedat: 05/28/2023 00:05:56
cdn-pullzone: 682664
application: 10.0.0.3
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F2Ml5i-zHQ4sD7x5M5sE
cdn-proxyver: 1.03
cdn-requestpullcode: 202
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxggoFFsYApYgItf3yyeNfMXsafHL%2BPNLQEs1UA9dgsaFoQRv3I7YRXKUhWpljWhJx7%2F2BtY%2BVo1IIrVCf8uwZzjwxBt087FPksOXFL%2FpcjqbanN1NxdgglGRtXZGVsJFJxQVf3iT6xmf2Fx"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: 6937b2fd81cba5682d3507bb45bc5983
cf-ray: 7ce23fb1291736de-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 1f36a.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 33ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f36a.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 28 May 2023 00:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 21ms
20ms Script
text/javascript 2606:4700:e6::ac40:c626
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5849aeb82f7a353bf9e41805eb61ff7b34079ed7f1794355555ba1ed42ebf601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 14:12:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 233
etag: W/"646e1b3d-3b63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4K2BWExtbSmWzfwCuNiTaJUx4wImWW5ZaagHSmihPqhq2GF3fPzRfWz7OBLrMc3SI9x0LtLf%2BZ4GCX3MRntINFzZidq3p4oto8WMPpBRd%2Bomw0938SX%2B327UUSt1Bii%2BvnQNoZQO%2Fdld8NO4y%2BrwanDkGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7ce23fb2ed941e53-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991

Request headers

Referer
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H3 200 x
api.fouanalytics.com/api/ 0
453 B 178ms
178ms Ping
text/plain 2606:4700:e6::ac40:c626
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcSh3v6AXcyL5TqDtlYhawHJr34LHTa1se8v704%2BdCSINDobGTju62%2FufyYShYLSxu7MJbS0f0DD7SBZ4uCPKce2M5F%2B6D9rdJJ%2FMVLjURno4qsEJS75tO5Mn3iv%2BE1RBsrH%2F%2FBa3UmEEEfiA7v8Fe4TSw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7ce23fb4ed2818d5-FRA
alt-svc: h3=":443"; ma=86400
priority: u=4,i

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 75 KB
25 KB 166ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c0f87158de5042d109657192ae0ca3dad64601488662485d66cfc645d3fb060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25139
x-xss-protection: 0
server: cafe
etag: 429 / 19505 / m202305230101 / config-hash: 5486929009166019583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 May 2023 00:05:56 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
261 B 18ms
17ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=9.132609294007327
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: J04P1499QRE91GPK
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1685232356.cds281.am5.hn,1685232356.cds125.am5.c
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=87
accept-ranges: bytes
content-length: 43
x-amz-id-2: vvIc37idy2st5cEEEEJ6wZMgJEdsgsXiE6qAK8vpdC7O88t2uYspnf0E+EYAxjMVK/y+Vq4KeL0=

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
102 B 19ms
19ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=9.132609294007327
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:56 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: J04P1499QRE91GPK
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1685232356.cds281.am5.hn,1685232356.cds125.am5.c
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=87
accept-ranges: bytes
content-length: 43
x-amz-id-2: vvIc37idy2st5cEEEEJ6wZMgJEdsgsXiE6qAK8vpdC7O88t2uYspnf0E+EYAxjMVK/y+Vq4KeL0=

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/ 403 KB
125 KB 151ms
35ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:59:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21998
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127382
x-xss-protection: 0
server: cafe
etag: 12178286523779166803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 26 May 2024 17:59:19 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 508 B
802 B 160ms
47ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wheregoes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82b49e0e57e1c4820eb7bbff67a483071672bab681259129292554b5b3c4ccda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:57 GMT

GET
H2 200 CEAIT5QE.json Show response
srv.buysellads.com/ads/ 934 B
689 B 73ms
19ms Fetch
application/json 167.172.55.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=496366&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.55.208 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-18.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: fe6ace7f8cff4baae1e99312823acb0ff86c6c5125a27ae206c4111cda2564c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 552

POST
H2 200 adreq Show response
ads.servenobid.com/ 5 KB
3 KB 292ms
95ms XHR
application/json 63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6442
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d8c1b80797dc2792cd87ecad812467323ae2c95ebb01da15cf5c93861e087d1f

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 219ms
33ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=12920504858&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wheregoes.com
date: Sun, 28 May 2023 00:05:56 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 1 KB
2 KB 92ms
51ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

703ff35b2c4a1e651357a455145c11a5f1e10522b9a1ed7307909a9aee6f7afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 34
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 1247
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 122ms
84ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4bee4c9ecfc0a950454054b92dcaf73a46e469743e20b05c5f424c2131b7eade

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 May 2023 00:05:57 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 30ms
7ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://wheregoes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
400 B 56ms
19ms XHR
application/json 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.43.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 672dd353a874c1e40cc89e241661c599d43c2b83abd278c0b80b8087accbcb2b

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://wheregoes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
6 KB 280ms
97ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=5e84d59c-9369-4035-b336-4d2802232e30&l_pb_bid_id=387c23bc0157cf6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&slots=1&rand=0.0738923752538958
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e1d0dca3eb6e493e7a4168a4628dcc79ecce2fc33867bb7314b41e2f612772f8

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 251ms
70ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=36d3b4f6-9ad7-4a80-9678-929aeb2e47c0&l_pb_bid_id=393747d46ee5c7f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&slots=1&rand=0.6061877690613173
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2d8ec22ed3d0609c918dea6e0cddf56c62e24b01d0aede67fd4c8f02a359246d

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 10 KB
6 KB 289ms
108ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=77752e12-9c6d-4674-bc16-aa05e5d1aab2&l_pb_bid_id=40c959c7047b15a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&slots=1&rand=0.27466366420705524
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0a2f986297b063640a9411b055f436f995f37af478ae4c70434f32f335623217

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 55 KB
18 KB 364ms
193ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1a73f8a0ee18ff1878def45b81b14de934235357ce899fc580f510eae2cefb03

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 81e4c127-da22-4f5e-8f78-c02722f6691c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
877 B 178ms
8ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 May 2023 00:05:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2789
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 195ms
22ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: S9JX37CDGCGPM1K6
age: 1621
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ce23fba4e839273-FRA
x-amz-id-2: LEZHPh/M8YcieToZefnLggoRbQozK4vyVBqIFpM92t9ZTc/REr8IBauyCTgZhZVB0tZvCJ65eXcvzpRqF9ZCgw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 197ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 00:05:57 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 178ms
7ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:44:22 GMT
content-encoding: gzip
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 69696
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: UIlhEGD9LXbfpNtdxkNHKar8wVukYMOzgP2vbEDJfzxp5iPDLfoXyQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 171ms
7ms Script
text/javascript 2600:9000:2250:e600:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e600:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 27 May 2023 05:58:55 GMT
Via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 65223
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: znHwwZRexBNxWaXPC3keit9AvxIrKZ4841oOgExAnZ7v1BIwIwM0xg==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 224ms
30ms XHR
application/json 34.248.75.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.75.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-75-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab49a0c9123c7b64ff525f199becec33dee08582cc0f7b82ea9435b1f76ce9bb

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache
x-server: 10.45.30.49
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 30ms
7ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wheregoes.com
date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 04C4 15 KB
6 KB 178ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:05:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 462587
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 180ms
44ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wheregoes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 137ms
44ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wheregoes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
16 KB 112ms
111ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1203818401506877&correlator=1270763713779037&eid=31074923%2C31073559&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fifs&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%7C120x600%7C160x600%7C300x600&ifi=1&adks=1696759606%2C2861055222%2C3809685794&sfv=1-0-40&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D970x90%26hb_pb%3D0.02%26hb_creative%3D382650110%26hb_adid%3D5076d9871d828cf%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.02%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D484ad7c57ce0d59%26hb_bidder_rubicon%3Drubicon%26hb_size_appnexus%3D970x90%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D5076d9871d828cf%26hb_bidder_appnexus%3Dappnexus%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_creative%3D2149%253A11272455%26hb_adid%3D46104d2555875f3%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.04%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D46104d2555875f3%26hb_bidder_rubicon%3Drubicon%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D5122d43dcd8541f%26hb_bidder_appnexus%3Dappnexus%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_creative%3D423368973%26hb_adid%3D526b1a067e2f2d4%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.03%26hb_size_nobid%3D300x250%26hb_pb_nobid%3D0.02%26hb_adid_nobid%3D47e4eaf08a6e6c%26hb_bidder_nobid%3Dnobid%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D49b2cf7839e4358%26hb_bidder_rubicon%3Drubicon%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D526b1a067e2f2d4%26hb_bidder_appnexus%3Dappnexus&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1685232357696&lmt=1685232357&dlt=1685232355782&idt=1407&adxs=436%2C1091%2C1091&adys=440%2C666%2C950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&frm=20&vis=1&psz=960x267%7C300x952%7C300x952&msz=960x90%7C300x250%7C300x600&fws=516%2C0%2C512&ohw=960%2C0%2C0&ga_vid=381769040.1685232358&ga_sid=1685232358&ga_hid=84779145&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYvZ-0_YUxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiqobT9hTFIAFICCGoSGQoKcHViY2lkLm9yZxjzoLT9hTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YvZ-0_YUxSABSAghkEhkKCnVpZGFwaS5jb20YvZ-0_YUxSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a6a3bb54c20503e069b1d80078da9a75bb05d304a3e62c3e7d8d052bc49f0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15621
x-xss-protection: 0
google-lineitem-id: 5936457974,5936457980,5936457977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383350381,138383349298,138383350378
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 158ms
60ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7685fccd2f24dbec595b598c95fe95607acc6d0c2a0c56683b2c0a8f63271eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11265
x-xss-protection: 0

GET
H2 200 container.html Show response
b46f4489daff66e06603ea6e52980509.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 193F 6 KB
3 KB 171ms
46ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b46f4489daff66e06603ea6e52980509.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:05:57 GMT
expires: Mon, 27 May 2024 00:05:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 04C4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=QU3ym3x3UzZKcGN1NzljR2RwTkovVFJ3WEI1bkJ6QUhJL0NmaUp2YVI2b2dHZzF0SUw4LzdiZTlHdmNLM01QSlZ1d2hmbFNhclNWc1h2UUFSVWQ4dGE0YjFQODYzcS81RGpySmo0ei9tQi9NbWpDaFRsOVdMS1hTTDVFeG...

428 B
650 B

51ms
15ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QU3ym3x3UzZKcGN1NzljR2RwTkovVFJ3WEI1bkJ6QUhJL0NmaUp2YVI2b2dHZzF0SUw4LzdiZTlHdmNLM01QSlZ1d2hmbFNhclNWc1h2UUFSVWQ4dGE0YjFQODYzcS81RGpySmo0ei9tQi9NbWpDaFRsOVdMS1hTTDVFeGxyYVphOGZBTC9aK2NidDlvTkxBSzV3bk4rcU5qZElGTjJneDVjMDZlT0RWZUtDZGt2TUh0ZXI2MXJZbjZsTWR0dE45Vmx1ZVlEK0hCMlFzekJyZGQycWFjTGpyWXEvY3V2WFZDaDh6T3N5ZzlMYlpvRlAxRUtQY09vNnYwWWl3ZzFFOFJwdWkyU3QwU2grdWtaSS9pQXEzK2tnVFRWUT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

52011324b0771e7d5f71e7740b2f32a08298df5ad0ad69645cdf314404cb2d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1345688
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=QU3ym3x3UzZKcGN1NzljR2RwTkovVFJ3WEI1bkJ6QUhJL0NmaUp2YVI2b2dHZzF0SUw4LzdiZTlHdmNLM01QSlZ1d2hmbFNhclNWc1h2UUFSVWQ4dGE0YjFQODYzcS81RGpySmo0ei9tQi9NbWpDaFRsOVdMS1hTTDVFeGxyYVphOGZBTC9aK2NidDlvTkxBSzV3bk4rcU5qZElGTjJneDVjMDZlT0RWZUtDZGt2TUh0ZXI2MXJZbjZsTWR0dE45Vmx1ZVlEK0hCMlFzekJyZGQycWFjTGpyWXEvY3V2WFZDaDh6T3N5ZzlMYlpvRlAxRUtQY09vNnYwWWl3ZzFFOFJwdWkyU3QwU2grdWtaSS9pQXEzK2tnVFRWUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 288348
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9346 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYiPXNHWi7b9YT2D8WATqHbJGpXhJLVnYMGt3PF5Uh_Emj-IkVZP-fpeOm13umGKRJpU4O4sxDqm13ipJRsb40Nw7lokNJG6kkeM7-_OFol8quVxp1dp3YxCcvaDsT30XSVAqY6gzfxWkKF2D-OhH5dU4fMaUYVwVhybYVghH9KV102wLWpG6I5nFMG9lZqFKC1i3b9RIS80BTNdLJ027WcPVOkOa3XIF0x3wfBtVaAbW_teWR2NrCKDugv6ricjXBq-dygcDGmbyX62iERFtRfqHic8TMMpr1Qo9GByaASOLt2hvdMZw6sKqjP8TbHWv3CN8HpVAze6iQVjAkCUi9DsAF9w&sai=AMfl-YSHtltn08UenGPnM6M8qVeUJLXhx7wq0dSqQatw9WkguKXrB7C1ix-rXUffPKW6JUoju3lI36mo8NI5PMnUMIa2p3DYVVBd6ooxmuYGjlReg9L35avuD9fQ8UVQ9Tua77QFekmqMLrpeEEtYHA&sig=Cg0ArKJSzKgy40gy_6WPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:57 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 9346 26 KB
9 KB 18ms
18ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 19:09:39 GMT
server: AmazonS3
x-amz-request-id: RS1MK8PZ65FMB49S
etag: "6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption: AES256
x-hw: 1685232357.cds281.am5.hn,1685232357.cds259.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: oSrzyvzsOMYnUHrSIXwGMeorVEyf8ZwOUFStoHZTVLFTTOcd36Lrw+E+hawn0zxcihIomFYT0xs=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9346 171 KB
53 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 May 2023 00:05:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7140 0
0 94ms
94ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwdMTHQOjfxzvkFbJmtxw3GnfX2JhhoLZ_ZNd6cZp_f66tU0wkS5l_q2kFAsmOs8gUJYxybkCa28Uy0eoo2_I0v2nTgeX1Og9adNYrK6CnCaz43FmpdASCUOXl3J1DSJE2XFLlM97tnOznD5KmsZCdZaensQzrk39KFUrTV_QCOyDQ86nxlr5CM8dKCpQJe5pRc8UCmIWVOJjLwsdcMNr4GuEd-GlHD0NL2Me8VE7aU7Ur83VC9uRDN-wzMgqXmgjpvUqVIyRgCKzxm2LVQmRVUyYBJeRxHNCzfXUUQ4ExnqGJPJyiBGqjiv3SguBA5L2olfr7jWLTI1jKkwIHFS0jYg&sai=AMfl-YSYYilpPCaZ44gmx4pSltqbFFYRZe5_1GfMZCj9Akk70gDQXejk2XQc5LSl2H7c_B_h99whfdG13RvP2W7IhTMYvdpA1hDkNwgL5H6RDS9hMUuasqn9FA_VvH3s4gd6a42onwh-fTNyPAsNYEg&sig=Cg0ArKJSzAteJZXbDeZ9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:57 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 7140 26 KB
9 KB 18ms
18ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 19:09:39 GMT
server: AmazonS3
x-amz-request-id: RS1MK8PZ65FMB49S
etag: "6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption: AES256
x-hw: 1685232357.cds281.am5.hn,1685232357.cds259.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: oSrzyvzsOMYnUHrSIXwGMeorVEyf8ZwOUFStoHZTVLFTTOcd36Lrw+E+hawn0zxcihIomFYT0xs=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7140 171 KB
53 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 May 2023 00:05:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCE2 0
0 217ms
217ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDqnmIMya5K4aydwLJZwC8IPOtbNdwnnvZq-yUq7gPLGAzUpAPU69ioqmM6mt6qEbrwIcvwIw7fYo10jAVzSNqHW3103vN__KPYH68LVkzGJVUf2rOarHpFZ1WegcVWJi5dOGycomPZqfhZk9bok8zTryKNzau8jG7AQlOMOgg0RlAaBddqSypgnAQSn6zc1YwzAHMgAYkAClcx1MFfTtnXghYTl5KnIwYjuMZoOh4AT_5VPFa4McpQLgOVY28-32_bL4vlf1S9wLnz3asTfXFskkVRxVwQLy1pqTFarZE5iTuZWTkd0_6O9IfrTesRq5tyj2gjJRtVk8LP0Z2StknkQOwT-7b5Ug&sai=AMfl-YQCQbca1NGw7zd3EtG-5oF_dJkggO017WqF0uDkRK-bedHUIa7uWRniFIq60nOGmhubm6u-8jg1ugzT7htl79-WxGoCpevG5KhhpcAxDGT9uJDSM2ExI0Iv-G2ePBXh7UX-yhs-FhQAz3x-dZY&sig=Cg0ArKJSzGREM7a6zqTvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame CCE2 26 KB
9 KB 17ms
16ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 19:09:39 GMT
server: AmazonS3
x-amz-request-id: RS1MK8PZ65FMB49S
etag: "6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption: AES256
x-hw: 1685232357.cds281.am5.hn,1685232357.cds259.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: oSrzyvzsOMYnUHrSIXwGMeorVEyf8ZwOUFStoHZTVLFTTOcd36Lrw+E+hawn0zxcihIomFYT0xs=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCE2 171 KB
53 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 May 2023 00:05:57 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 160ms
49ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H/1.1 200
OK knsinarql37c Show response
hal9000.redintelligence.net/zone/ Frame 9346 10 KB
3 KB 52ms
18ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/knsinarql37c?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=6428149483004828102&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6428149483004828102%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b719f2c49c49fa2193af6e91f00ddb7e279b89c3681ff481c8998f4fec3f866d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2800
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 9346
Redirect Chain

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTW1RMFpUY3hNbUl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MjgxNDk0ODMwMDQ4MjgxMDIvNjYyMjQwNS80NTYyMzEyLzEzL3BsWj...
https://tags.mathtag.com/ck-confirm?bid_id=6428149483004828102&node_id=3304&exch_id=13

49 B
329 B

35ms
34ms

Image
image/gif

185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6428149483004828102&node_id=3304&exch_id=13
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: HTTP/1.1
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.389.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Server: MMBD/3.389.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x71, cdg-bidder-x65
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 28 May 2023 00:05:56 GMT

Redirect headers

Date: Sun, 28 May 2023 00:05:57 GMT
x-mm-nodeid: 3304
x-mm-bid-request-time: 1685232357
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Length: 86
x-mm-handled-by-owner: true
Last-Modified: Sun, 28 May 2023 00:05:57 GMT
Server: MMBD/3.389.1
x-mm-latency: 11 (0)
Content-Type: text/html; charset=utf-8
Location: https://tags.mathtag.com/ck-confirm?bid_id=6428149483004828102&node_id=3304&exch_id=13
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x80, cdg-bidder-x65
Keep-Alive: timeout=360
x-mm-lag: 0
Expires: Sun, 28 May 2023 00:05:56 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 9346 43 B
562 B 42ms
18ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=6428149483004828102&v3=651871&v4=4562312&v5=6622405&mt_nsync=1&no_attr=1
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 851 9bd98ae master cdg-pixel-x14 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x14 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 28 May 2023 00:05:56 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 9346 49 B
329 B 100ms
67ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=6428149483004828102&st=4562312&time=[IMP_ATTR.time]&nodeid=3304
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.389.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Server: MMBD/3.389.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x72, cdg-bidder-x65
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 28 May 2023 00:05:56 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/233/ Frame 9346 80 KB
27 KB 45ms
11ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/233/trk.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 13:36:07 GMT
Server: AkamaiNetStorage
ETag: "9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Mon, 27 May 2024 00:05:57 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 9346 0
935 B 52ms
14ms Image
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwheregoes.com%252Ftrace%252F20232483605%252F&e=wqT_3QLpCuhpBQAAAwDWAAUBCOW1yqMGEKrfqOLK8KyrQhgAKjYJVyO70jJSnz8RgVoMHqZ9lz8ZAAAA4HoU5j8hgQ0SACkRJMgxAAAAQOF6pD8w9e2zCzjKQUAdSAhQ_o27tgFYmNVSYABokfdreKb2BYABAYoBA1VTRJIFBvRsBJgBygegAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCKGh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIzMjQ4MzYwNS-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUVzFSTUZwVVkzaE5iVWwwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZME1qZ3hORGswT0RNd01EUTRNamd4TURJdk5qWXlNalF3TlM4ME5UWXlNekV5THpFekwzQnNXamhXUjNWcmJucHBjbFJMUmtoVE1FZElXRVZKTlZwYVpFcEZiRk54UlZSbFVXVmFaa3RUUVZVdk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TkRrdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjNUVVJCZEUxRVFYZE5SRUYzVFVSQmQwMUVRWGN2TUM4d0x6QXZNQzh3THpZME1qZ3hORGswT0RNd01EUTRNamd4TURJdllXMXpMekF2TXpFdk9TODVPVGt2TVRZeUx6RTROUzR5TVRNdU1UVTFMakF2TUM0d01EQXZNVFk0TlRJek1qTTFOeTh4TmpnMU1qUTBPVFUzTHpFekx6RXdOekF4TkRFdi9sSC1FLWhhalNqX19vd2tzVXlTMEdFZVBuT1Umbm9kZWlkPTMzMDQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD02NDI4MTQ5NDgzMDA0ODI4MTAyJnBic19hdWN0aW9uaWQ9NjQyODE0OTQ4MzAwNDgyODEwMiZzaGFyZGtleT02NDI4MTQ5NDgzMDA0ODI4MTAyJnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZGFmaWgmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNC4yMjgmc2lkPTQ1NjIzMTImY2lkPTY2MjI0MDUmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNjQyODE0OTQ4MzAwNDgyODEwMhoTNDc4MDIwNTQzNjkwNzk1ODE4NiIJMzgyNjUwMTEwKgYxMDE5MzY6BzY2MjI0MDXAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE0MagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT-jbu2AYgFAZgFAKAFwICxoci32flOwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBvmrAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzHIB6b2BdIHDQkRMQEvDNoHBggFCWjgBwDqBwIIAPAHuckCiggCEACVCAAAgD-YCAE.&s=db57ab409514156807a71421231990a311f9fb78

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:57 GMT
AN-X-Request-Uuid: 33ae94a5-f9e4-4550-bd0c-41c50f358734
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1A5D 157 KB
48 KB 104ms
70ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cd336cdb075c8c61a776a9239837fe679b747b292e906aa9b2aa171fc30aed69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:05:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ec8s4A8RtmAPtjM5m8kFefULf_SF9vlYCUkU7taTqoOIY8I3TYFqCQANgBxDipFPpcbbL802p-98k6DGlwb4wZkyAltXAtTV9L4MKSEqVrRDW7GWlnROm2BqgU2xnS84ce9un_5FdT8_QQvR2WtMJKTcjZZZOLdg7rsKWvuP3iVBTjbcY1dJmazq8L-2rrS_VnDwUJuiwufDNvFvNMrMPX8lYL69nus47UMHPIWYpQ3IOSmjh4N5FdqWATW1zqHvKWv3Vw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52834785
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8E6B 281 B
554 B 45ms
8ms Document
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 May 2023 00:05:57 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 d899f6a6-7391-48f3-a0ed-7800962af27b
beacon-ams3.rubiconproject.com/beacon/d/ Frame 7140 43 B
227 B 100ms
16ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/d899f6a6-7391-48f3-a0ed-7800962af27b?oo=0&accountId=18812&siteId=405332&zoneId=2271886&sizeId=15&e=6A1E40E384DA563B7760648F53B9727663E3FF628029FB31C773B0682D05FE00CFCE4556E181324E2EC7ABE9276DE3617A3220A15E3EC91DF2216BA21D18B6B18CA755AB59DD1291E12BB6BA04C926BC85480D01CD81A0D2167CA67CF7A568B70CEF83E142054C94496CA02359E6713A2B24F42459EF0EC015A1DE28F4F587FCE64F0E2ECB6FC2856D877C98F354CE945D3188164E4B73293157DDB021C17C9A3D14E0FF425A058237C953A475CEAEC224556944B4E177C297AF0405B0FAFA132059E12C534697A92211D40BDE5D149D946CAC0BD223298840C1A33D0F6EDAB1424E75F93CAB940C67FE2FA54D5E6DFB978A9A58A751D5C0A65648DF60EDBB3513CD045AE30AA12D4ECE569683FE438FDCCA0558901DB435F6CBFB1C6206AB3EBE1FD790BE976F62E03F43B36C958EAF963B02F67D7F894B8E39227113A046C1CA68535F7351B3C4F00063EBEE9994BB17AD3A7F0B34DC6BBEC1D7BE0AA9B32A961A738B95441E65EC98E0345D797CDF50E8E925C331E331570CE0526ACE5EF2FCC997546625F86102F04048D1EEA6CA63AAD2A8EC9F82A70475BA3B741F60212E2884769C3E2D4CD00A53ABC94249F42F54E7A1B26D23B97065B8A11F3DF09AC4B8B7D6019B54EB9FF2E8EA54EA80AE5902F3709B33147C2C8EA90DB011AB25564D87EFD80EC9A26F5CF24CAD1123E85D2F8EDF4232D7F14472C5A87CDDAA725EEF744842F4F165B198037659D7B1439D9A89DEB458B9C9478ED7E89D52E0D33EF573FD5CD5E99E689FFA140E144A5913299293B2FE2755BC4E0581B1520B0A1ECDA959158F46F3185F080A46FEB0514730DF7508C4E65DA99547755B72153910B3FEEE690A4616BA72AC4A3AFF9D293083C3B480C94AB715D471E39698E60488FB82D9BE4981CB58EC914D9CD08FF37F3020DA3CC24A046334DFB09D4278094C7FB35B2E47ACC5D6926499397667751A445605E9EC7F4CC72124E6C4594ACBCC976E6DA4F12F1235D57EC444E1FA09A8901DCB177D330F40CCB7C6A04EAC2B6D983679EB0B13C61E5C861122DEA00A57ECC70F11F9A81FB5318DAA2F839E757CD1FDAA4928CBAEB36F1EBFD1CFFECF5DDAB75E6EE1C8B741FF9A3FAF75111314E1CF13EF6C13C180C33F6B005A96090F0FC46EAC7D40B62C6C2112AF0690099DDF5220CA85ED0C542509B6705D1C99CDA10306204D320B

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:56 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F0B0 273 B
703 B 154ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjU3vPiATAB&v=APEucNVOB5P1ZWIRCR-GRP-TjeZuLws2dDXlG_o7UxYyMgvAoyy8hLksKgs_yP-x10sjQ4ElpWEsLtrd3g7vVHatz8xUf07aPFJoQtkSdDRqxiE4b7Fq-RmQDA3KVbCuwvTTMQVfA60GiKyvG3FtLYnVhuSSyIfqSFLa-FlqP_g4vrFZC81HdNpmqh37vhU1x6VU0glj_j91jAOnLVJ-OXWWZp_GX1ezhI2pBNlenxdalge_kp6V7Mc

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:05:58 GMT
expires: Sun, 28 May 2023 00:05:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CCE2 78 KB
27 KB 131ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE2 42 B
63 B 153ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmZhlnJ1nRqXZJIekynVoSBrf9dF7a31Pj-IGRWt21T0KlEbdBfpSL4iO5xU46OYz5qSZqiS2q_YQew768i2RkZop6ROd3_UUtLC7C26-R3xHQmDE

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE2 0
20 B 155ms
83ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7856757008322429958&x=10&ct=119

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/233/ Frame CCE2 80 KB
27 KB 30ms
11ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/233/trk.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2023 13:36:07 GMT
Server: AkamaiNetStorage
ETag: "9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Mon, 27 May 2024 00:05:57 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame CCE2 0
935 B 42ms
14ms Image
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwheregoes.com%252Ftrace%252F20232483605%252F&e=wqT_3QLhCuhhBQAAAwDWAAUBCOW1yqMGEIf0zIO9-PS7exgAKjYJo8haQ6m9qD8RehaE8j6Ooj8ZAAAA4HoU5j8heg0SACkRJNAxAAAAQOF6pD8w9e2zCzjKQUC8CUhlUI2y8MkBWJjVUmAAaJH3a3im9gWAAQGKAQNVU0SSAQEG9NwEmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCKGh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIzMjQ4MzYwNS-AAwCIAwGQAwCYAxegAwGqA8YGCo8GaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DTTBWbTVacHlaS1hMSVpMaTdnT095TGVZQm9DUDF1Vnd4cC0zbHE4Ui1DNFFBU0RtbDlZbFlKWGlrSUtnQjZBQnZOZTB3Z0xJQVFtcEFtX1RmWUplX2JFLXFBTUJ5QU9iQktvRXhnRlAwQ3RCZmlvOUdndWhLRHQzWjRLOUJPUjUzc1pULWtwZVNSUUI3MDR1WHFSemUwZlUxUUdJTWZLTzZlNFBtNmxCNm42UU80S3pEM0E5WG1IV0QtRjd6R2dkYVlnNlpQS1VvX0xIN1NBLXN5NHV0VnZKSjJjaUt1b0ZKbzZKYk5vWFpvLVRUNWwzeXphbHBKd085czVNYnpPVnhyZVNwc1AtMEZ3cGdoMC1NQy16VnFhM0Z1MEltNFhXUTBNUktLREd3SFlySWJPR1VwVXZsWlJNUGllWnNUVU9TNWdDUU12VjVYbEVuY3QxYzlHUmJEYndaNXBjYW5kS1l3VjJlYi11NmE4OWVUdkFCTnJxMzgtc0JPQUVBNGdGbTUtOW5VcVNCUVlJSFJBRUdBR1NCUVlJSFJBQkdBR1NCUVlJSGhBQkdBR1FCZ0dnQm5lQUI2eW95NzBCcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh2WUJ3RHlCd29Rd3ZrQ0dOVGU4LUlCMGdnV0NJRGhnQkFRQVJoZk1nS3FBam9DZ0VCSXZmM0JPdklJRG1KcFpHUmxjaTB6TURVMk5EUTNnQW9FeUFzQnNCUGcxY0lUeUJPMnFKVGlBOUFUQU5nVEVOZ1VBZEFWQVlBWEFiSVhDQW9HQ0FBU0FCZ0Emc2lnaD1seHlwYXByVXExcyZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaUR5NnpXTkhpc2lqeVBWOFpRSkJqajhlYkttcVRubVJnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4ODk2ODEyNDI2ODYzMDAwMDcxIgk0MjMzNjg5NzMqBzU2MjUwMzM6CTQ3NTg1MjYyOMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQxqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASNsvDJAYgFAZgFAKAF0Yv8uYX9i9NxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjKAU-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKLAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE5OTI2MDQ0NTcxyAem9gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB7nJAooIAhAAlQgAAIA_mAgB&s=84a2f200b24d0de920116a384d9ade3e55eb4651

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:57 GMT
AN-X-Request-Uuid: 39c5796d-d805-4cf1-933e-b5e8280ae95d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8E6B 34 KB
10 KB 8ms
7ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 056697ed15e390bb5d6013a6bae699c5cbe364bf06b2c957c8c7d3c8d84b8355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 11:40:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41700
Connection: keep-alive
Content-Length: 10084
Expires: Sun, 28 May 2023 11:40:57 GMT

GET
H/1.1

200
OK

request.php Show response
hal900029.redintelligence.net/ Frame 9346
Redirect Chain

https://hal900029.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900029.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

132ms
108ms

Script
application/x-javascript

88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6428149483004828102%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=6818593416005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: HTTP/1.1
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 8d11c66d7f310f9aca74196892947d94e222f2ae0b36298d168002bf2431b5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 97383300005799400951443012338029
Connection: close
Content-Length: 1117
Expires: Sun, 28 May 2023 01:05:58 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6428149483004828102%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=6818593416005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 28 May 2023 01:05:58 +0200

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7140 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmOJWRecub6vyRQDZKuMlT3MUl3DxDeAFMyrUM9pjV5G_QHbvuPFaQ3xfS6Lo5NWOsbVS5EyCwHqUHFNKBrASty_7s3VurCXiogQO4Oe6inIX1JJPGdIB38PpSRvt31Pg3a0EpmGWYj2NW0DhAz0PRbIfOIlPiwzx5E4ORwe8Rebl-YN5y27Cj-ec6VexMFfATE3okZcqKVcyrdO_ZolHGGVEV-Kwss8A5dvmz5WQ1FnhMyNgCeEXjegfp_LprR13Id26oixwXiV4i3M0S2e2y0mvGpwtv3_sUB_65igxvtvc6gnA8veTTVecsviQmbR8h1r0HgbflkjVnq--zmW6uAg27&sai=AMfl-YSxyMkSVVsn8wFaQv-aBM7cHoHB55SjFnoya1G0rN7TNnHkA_1unD8LU9oZP1MuwXnUy1smgPfGRQngKZIS3fDC_d2oVTsHa1rQ9tAmRjbQNcyjhwThmcFsR8LTEXfkizk8hd8cQC36L7o8qjc&sig=Cg0ArKJSzJNIn1HwOc2gEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:58 GMT

GET
DATA 200
OK truncated
/ Frame 7140 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1510a77dfa07f5bc82c8c9fe3ca8ec9cfc3824145bc3f911f81907f81bc0ef40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1A5D 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1A5D 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1A5D 308 B
636 B 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1A5D 293 B
621 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 1A5D 43 B
348 B 58ms
19ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=D7aGa6IrIpzt9KJcSSfVyTE1Xx-ph9A87Y8g-y4kn6Zm33qPixIahZEPBb-1zHQfFW_RgtqsAPi2UTukKaEmQ9d509ZujYDuydRzrr5gUWGgCWcLzhYXhpAKF4uF0kFUv9xl9g4FiBW6qZAy2CspilkZFoG6PMD3AXeqqDKNdVePsfZgzNK8mJLvj8FKlT1fFLlBc00cf0pPtY_9_cMwQtn9cwpMHmE_3EeTFz4ElSJju-GFsL15wgpRaneL_cfoBr1ltz4sCeH3_4ILhL5KoSQdIQ1CzhUDs0_EETZzN6806A3XzMiK8y-hYDiDKVeqK09zrrvlHap3olArnP6NalsStID_gpgMd7DEx0poyxQ1T-vDqUFFV2K7iQQGA1WxtyLmlQxKujytpb-OxyxRn4j4qrxTjG3c51TwIXLbp49_2lim

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3216356
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.fr3.eu.criteo.com/dis/ Frame 22F4 6 KB
3 KB 65ms
18ms Document
text/html 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64729ae59959583edf155df17aca1587&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3ec5b19f92b121ae88d7dabc653ade87d85778cac8dd422ae698e419dee8c969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sun, 28 May 2023 00:05:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2129100
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1A5D 12 KB
5 KB 55ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 720512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv%2BYZ2J2hjxykPjusgFeByUaJ%2FO3Qqp2jxh1Poc2MH9y%2F3DrH9qAA0V8s5BBMnJahuPIWympFodCVIWH8KZkJaUA7H1eh8L6SRrcWnsnHO67EogF9j6H4QV8al7LkrnDCWbnV1Sn4txLxV7jntxMAfbK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ce23fbdfea81bcf-FRA
expires: Fri, 17 May 2024 00:05:58 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1A5D 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 57fc69cc3cca4b89ade9c41d08bf92a7_brandon_grotesque-bld.woff
static.criteo.net/design/dt/ Frame 1A5D 43 KB
43 KB 59ms
25ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/57fc69cc3cca4b89ade9c41d08bf92a7_brandon_grotesque-bld.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

57043935a3503c7aff7dd3ee5f28f037147ca3f81cc4876f67a33ca14ac45dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 16 Dec 2021 16:35:44 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61bb6ae0-ac58"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 77148dee27c54153bf1c442788a31deb_brandon-grotesque-light-58a8a4b38001d.woff
static.criteo.net/design/dt/ Frame 1A5D 42 KB
42 KB 66ms
32ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/77148dee27c54153bf1c442788a31deb_brandon-grotesque-light-58a8a4b38001d.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff9203317e7c9fbb07a67ce6a0965a5643e0f2c8153992ab783813cfa3890b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 19 Jul 2021 14:25:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60f58b58-a808"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 3154164d2c5c401690a32afc5ebce507_brandon-grotesque-bold-italic-58a8a48221563.woff
static.criteo.net/design/dt/ Frame 1A5D 41 KB
41 KB 67ms
34ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3154164d2c5c401690a32afc5ebce507_brandon-grotesque-bold-italic-58a8a48221563.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2d9fb017af918459b599da7e62b718250c644cba54ac9c18282a724b0482362b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 19 Jul 2021 14:25:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60f58b58-a344"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A5D 11 KB
11 KB 55ms
21ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=100874&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F100874%2F230110%2F2878dd0724264ff78370d5dc5586ae8a_logohorizontal.png&v=3&w=596&s=nRfF1mApZTsubhTEbF8vhRVR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

50d658a8866f2060310848c16218d1e6be2ad7323f7200403f4a26ef21a5b436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 10971
expires: Tue, 30 Apr 2024 08:30:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A5D 17 KB
17 KB 80ms
45ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100874&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0278%2F0391%2F0197%2Fproducts%2FOC-08-S4AA_b5d508ca-6c58-49d3-b289-2379994233af.jpg%3Fv%3D1684137665&v=3&w=400&s=1-QTwd4gt304zdhsRO5FVCow&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2c6242acef44a222fe1696540cee8f34d2f39b7d90c5957b24931e2578eb722a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 17214
expires: Wed, 15 May 2024 00:15:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A5D 16 KB
16 KB 74ms
40ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100874&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0278%2F0391%2F0197%2Fproducts%2FOC-08-I6AA.jpg%3Fv%3D1684137366&v=3&w=400&s=rN3PEu0qX03cAs-1093G7oaX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a40825f19dae4b870f5a3c411942fd8d5ab9e075cc99983b74f139fd4c856c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 16528
expires: Tue, 14 May 2024 03:16:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A5D 12 KB
12 KB 66ms
32ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100874&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0278%2F0391%2F0197%2Fproducts%2FOC-06-L6AA.jpg%3Fv%3D1684135881&v=3&w=400&s=aqp16aW9GmGtniwmT7bqsGjI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26c0852383ebdaa27c96e567badd91da836ccdd5cccf3ec937295c142c449e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 12160
expires: Tue, 21 May 2024 20:55:32 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1A5D 0
128 B 48ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ec8s4A8RtmAPtjM5m8kFefULf_SF9vlYCUkU7taTqoOIY8I3TYFqCQANgBxDipFPpcbbL802p-98k6DGlwb4wZkyAltXAtTV9L4MKSEqVrRDW7GWlnROm2BqgU2xnS84ce9un_5FdT8_QQvR2WtMJKTcjZZZOLdg7rsKWvuP3iVBTjbcY1dJmazq8L-2rrS_VnDwUJuiwufDNvFvNMrMPX8lYL69nus47UMHPIWYpQ3IOSmjh4N5FdqWATW1zqHvKWv3Vw&sds=2&rev=86437&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1A5D 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1A5D 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 May 2024 00:05:58 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame F0B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESENG6wG-7rbdZRUVpPVwlREA&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESENG6wG-7rbdZRUVpPVwlREA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=37b5d98dbf86cd0dbc521231bccf8460&uid=37b5d98dbf86cd0dbc521231bccf8...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

33ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjU3vPiATAB&v=APEucNVOB5P1ZWIRCR-GRP-TjeZuLws2dDXlG_o7UxYyMgvAoyy8hLksKgs_yP-x10sjQ4ElpWEsLtrd3g7vVHatz8xUf07aPFJoQtkSdDRqxiE4b7Fq-RmQDA3KVbCuwvTTMQVfA60GiKyvG3FtLYnVhuSSyIfqSFLa-FlqP_g4vrFZC81HdNpmqh37vhU1x6VU0glj_j91jAOnLVJ-OXWWZp_GX1ezhI2pBNlenxdalge_kp6V7Mc
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Last-Modified: Sun, 28 May 2023 00:05:58 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame F0B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEMUssBwJyInKUuD7ZSjswvI&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEMUssBwJyInKUuD7ZSjswvI&google_cver=1&ang_testid=1

42 B
445 B

23ms
23ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEMUssBwJyInKUuD7ZSjswvI&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhjU3vPiATAB&v=APEucNVOB5P1ZWIRCR-GRP-TjeZuLws2dDXlG_o7UxYyMgvAoyy8hLksKgs_yP-x10sjQ4ElpWEsLtrd3g7vVHatz8xUf07aPFJoQtkSdDRqxiE4b7Fq-RmQDA3KVbCuwvTTMQVfA60GiKyvG3FtLYnVhuSSyIfqSFLa-FlqP_g4vrFZC81HdNpmqh37vhU1x6VU0glj_j91jAOnLVJ-OXWWZp_GX1ezhI2pBNlenxdalge_kp6V7Mc
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sun, 28 May 2023 00:05:58 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEMUssBwJyInKUuD7ZSjswvI&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8E6B
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/e_y2fXTHHGdaVUktlqbVMw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UBMk1c5E2oJTcCdxQqVLhsg7zXPEHlwsEHOusw--~A

0
239 B

28ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UBMk1c5E2oJTcCdxQqVLhsg7zXPEHlwsEHOusw--~A
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 28 May 2023 00:05:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UBMk1c5E2oJTcCdxQqVLhsg7zXPEHlwsEHOusw--~A
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8E6B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIgHqOMbUhTOTs5o61dIUIE&google_cver=1

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIgHqOMbUhTOTs5o61dIUIE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIgHqOMbUhTOTs5o61dIUIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8E6B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1NTZlNzNiODUyMmFmNjFjZDYzZGE3ZGE1NWQxYjI2YzA0MmJhOA

170 B
243 B

83ms
47ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1NTZlNzNiODUyMmFmNjFjZDYzZGE3ZGE1NWQxYjI2YzA0MmJhOA

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDM1NTZlNzNiODUyMmFmNjFjZDYzZGE3ZGE1NWQxYjI2YzA0MmJhOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 8E6B
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI6NU16A-25-XAT

0
648 B

143ms
106ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI6NU16A-25-XAT
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 847681BEC519497D839BFF98B64F3278 Ref B: FRAEDGE1711 Ref C: 2023-05-28T00:05:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8tbwUWQQDUk1aIAmsVw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI6NU16A-25-XAT
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8E6B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=H2QIgw2EQ5yP10NV3EtfMA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H2QIgw2EQ5yP10NV3EtfMA

43 B
479 B

114ms
113ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H2QIgw2EQ5yP10NV3EtfMA

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G2GK696ZB07BPEHTX5MD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=H2QIgw2EQ5yP10NV3EtfMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8E6B 70 B
265 B 106ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8E6B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aUCEJS0ZQAizp5WFZjWSMw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aUCEJS0ZQAizp5WFZjWSMw

43 B
479 B

39ms
38ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aUCEJS0ZQAizp5WFZjWSMw

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VNMM752HT154Z8QZP4ZQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=aUCEJS0ZQAizp5WFZjWSMw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8E6B
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk2TlUxNkEtMjUtWEFU
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMi2M2VJB5z2qIf6Ln_LT6U&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2TlUxNkEtMjUtWEFU&google_push=

170 B
232 B

47ms
46ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2TlUxNkEtMjUtWEFU&google_push=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2TlUxNkEtMjUtWEFU&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE2 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8047586605672&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE2 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8047586605672&version=m202301230201&ct=119&x=10&cor=7856757008322430000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CCE2 82 KB
35 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClZGkQ84RY_-TH0gGhJUCcvtohMBAHxtpPtOjlKPhmGROhinu2exiUhljc757Y1600S4cfj5yb094BG8UEA5GxFwHixoQTlsM_pxozivICMEjnZGUFLc_lmEzGGRQfxax3FdDrd2Ax0834L4CihBVEqnPv6SOhddSeHhGfwrAMh7ycPj8&cry=1&dbm_d=AKAmf-AUFX0egS9RrZ86iGetH9g_zhshsiKw6Y7i8G2zaPa80IEfa2-KOmNfKRFL7AqSNIR9lHtdY4-e41owlRJKRquDk3nT3VlAKDJlwEh5EDBIa6l2_ge5RUqZc5xdwMe4I0Y5dTJkUMwLucVrPYs164U609OhY_EVo3p337gOVmnHIOH2iQgUp5tzNnOn8rbnQtqb8FsN0q4KG6o021eP-qV5cQ1riF1dkuUb4gRVF0N1hVO8Ifs4V9hKFP_0zqnQOxojqsA13Le5liRiG9g8j_Pkcl5EbxjEzJgEBrl0QcglYqgnPYIrTV2Ws0TeCqH1TDdj2sxKjdaBBDWquJJftgPAsfzqPy0It9eUPi2TvsWRDeNRoykkbQLOmPo1Qn9oSffSusn7_z9fNbuJW7nWPr_-tiHaj1zlHph5csajjAhOaPXoLl0zYUKU70Wk6tvK3-atuSnn1XYjffhV_DSAv7OJ24D9VjZ6NUcjs7c8UcDIL88Vf6WmAypm0fHhrnhLAbEXje5F11tFVgWFlAV7SwQ3eUlL7LvZRZh_23RYhkq86rn_cYrhjrWOuv0YIKXKZlGVIlcVrnanLLnX5u-qB4bfx36zaWdmo8YoN2YPt5O-JsurbGzZRSkmmxkIoxY26kBFPTg-WfuV_j-nTjAAnI6bkwyRCgRfMjPd-ax8M7YqdpJc6SyBBMgBW_gtrBIVuhtMaYDx3cscq4Mnm7S92Mgtu6btKz6hNYqFxy2fhn6qUX83qdOpxcd3ydSzuG6FBXx5LCNS2ukRVjaxO0T0MwgVavrZbL9eOliNv1hLBtBFAPGoIzS0N05btIttWKSAFvb7KquxKzlRXOe3MNhtzD4vhnNv91EEuHIU9eS18tjIGjOqReKraSugKz7rK9p63CJbBb4hyUL418n7wG0bRYCh1Wr9NlghdMzjCXFvPS7CU-Um3MYx3dtehv8SYkOzEndxScNIr_9K5YJLpZd9Qs7d7XEC0LrljEaSXk-p6U8YlyUVH5ipaJ_7gZJaBFWjG5dxP0xIKNepC4LQAr9aJO3eMz9HyQOOfsDe1ke6OCpBf1Ik3m0QE35B2LRUiodkHM94eDw54BkvImaPBiX6kCE-DRFvz4InaXVxc6MHVXVeIBPnEG-ZrMCvblqXZaJWKhvX5h_VxwvumdzyQrea11vDf9XIyPe0lFxDqWUUNgkOjTOueH35B8NrwGn065QgOp42hAuW9m9Grj4UlxyHJ9WAYKbwc8AAtf1PjrrLpa_betya-lbWdcMkAwnnxgXCc8r7T5A06olX_0LesVZpGz3xf5F87R_YQmSmdxMOVNe-o0HIo2NFOhCNpzgCSsVXKr0cs_XYNp7WaMUM__f59f2BEZ6tz12dbi2qKW_LFZYIL7-B3ltZTLTFOaNFRnqBOJzUIBkznKMdTjL5cLZkwBXDmlJHE1bVL9goa_MO1ZIC9ToOP9OzY0cwWL_UCQaYFrLkLdW1OojuvwtJab3m3Jqn_VwiRlJhsQuggoVySBKWM6a1YmX9SFJQYVK8Srysgr38YGOIzGGBsedJsNfIfgjco-jmBfLtuPf-keNDJBLqcs5i-ASacY7pZMaOfaCl1KAZAVoEDjuE6855l9MJi-iKSxbNE_H8Fbg4SJgq_faVoY7kBJftzerdIS649W2r_-IwCO5zLn4CF9NOgHhxqFBkcctfEdT3BQzkQR-d8GYBH07_h8I1MDP0D71uoJh5F3jlRjlagFcj0PtZCq3e_xDh5MfTlhbogdqsDvyyaBF8mc8OLO7e-syqKirpIanOGmyYc49Zsk2TO7lVCcaBWeJ6WDKmbu3b0KzSUELszGnt4_nSndraN2t0aA4xbETdAnbwF2ajvdmgJFykd9sKXHkaxMOidBrC6HQ5a3Oqg2Y5qhR5vqpDgsAiJr8jYXctekPwhCCOw-FBkw1POKxwsJyfF9KFYOeMx95_2IuFZ5k5IV09zUCoxcIZD5Hw62WCvmiNHQyiovdP0Xdxxk_EW9pPuIL6QvMjPSE5QrY4_rdDeHhzau_5zTl2EkgNxFXvRuOn3aR9R1n3mpiLn1ACRH3pl1ZLzr11SRHTgo2WyPO-n1gdrwq3U71dbye4cG42W68Cr4O0d-KkLkqgW0S8OIIXtVeaR9K6hKXkilR8fboGRhouYMETt-k7wWriYMs4wQGRoW85_44eU18VXUrlPv9giTfO5AQ-Xh1g1b-n18x5nlbUTPlSASQf_SpYRvHY5VEMnIrXQM8EHlu8I-N1nMlhB7ObTtiIqoW4A_nuESCXYtvPRlqVfpDsEMmUVJ5YqLxrBY3aA-mmhfhzlgnlCSRgXAf5Rw5PD2OxNtni48mYMqLsZDznMQ2ViZtMiFYSDTc_RSOQykCPcmU23y3inR35d16DORlYfhTUpT76QPyUwBQ0IXdQ3p1A5Oh4lF-a4VCzvb2dB2lwHmYMXIoE0HLQNiULfITAYEP95cI6UA2i1z3xIOjtFcCiW24mqThq1YmZScgT6bmfgJjHbjUBVDLdDJTKeVxUuIs_aJvBJ91ZG0BzkiOwxbiEUS4LoKeAywYJtYm_FKMq35Nf5wWvZ38FmEsnFv8e4sY9SsvaFRebiaNbsLxM7trSiDx0qwv4nDWRaJteb2i1dRZ_yNRwbeLfle3VjbtFuPp9aWu47wQb2-3JdpHPwH_MY5hi55ZSgck70RMejbuAabg9LEXRXhUye1ryEcLcT9bQQMDMtw1TTwk2Jn184EWVDw-HPpoU_aylgjLxArtqtAljPFDgsByez5z3j6cgBH3lzGC0fK8KqlLYynXXonWbwszTD62S8FvZDRGWbTGOqFnwBUdIeA7Jxf3VLg3UAu2hBBCcwLOUPyQvV49IOHCF5U-xnWUJLsCo1DHkqQ60ESrVF0qi0gI3BPcl3djoX1nf6bAKK1oxCFyAF-ixEjYwzDKWVxvDFgbvI83d9d3O918MqMUSfGE_ND0ihe-sJgW_hQ_60uO0CJW1_ZfvPcZnC-XUsA4OPnpOdakEb8Gvf_TOZNLpdlYAQLzyCxFlqhjrpAfm8XoWggu8uBBcjtW9gzYK7CFDRnens6lyIA00cbUdUCM6hh6psoCebLqay2RKpIe9bXqmlcH5esfLwEQFTjkS80PGRKpjBNskm2hTTW8qngm4xjATBrIwAglVJ3D0GllMMXVIy_hBRWscvUeh4lFfJsu2K8ubIGdXPhy744R8rvvnv2JQMrMhOCfqs8IcdP0wuZBZgDH_2PKTkaEFt2iY5C6s79xiUMIgrUjxBtGr6QQpsX-q9okVeB1FlqwFZx39zhM8VVySfSC7D_TEsLTW9_93UUZGRgjq9E4dWrDzPd684-udypei1w&cid=CAQSGwBygQiDy6zWNHisijyPV8ZQJBjj8ebKmqTnmRgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ds=l&xdt=0&iif=1&cor=7856757008322430000&adk=909092568&idt=154&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f49c94c221791c04cf09954b71cac2bb35793279047560b502fa8ae189d0281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35213
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 735A 13 KB
5 KB 40ms
37ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 21:06:25 GMT
expires: Sun, 26 May 2024 21:06:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 07DE 783 B
1 KB 131ms
46ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8f2cd96c961c0d7f46f9da788bafb8c5d328af34afe637d3ab462b60687be8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MfmDjuwJ1tBFTn_WoVVenw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-MfmDjuwJ1tBFTn_WoVVenw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:05:58 GMT
expires: Sun, 28 May 2023 00:05:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 9D51
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ETEyNAfyAxJKbFc1RE-gSZrbp9BDwfL-OA2vVQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ETEyNAfyAxJKbFc1RE-gSZrbp9BDwfL-OA2vVQ&expires=30

43 B
345 B

11ms
10ms

Image
image/gif

3.68.180.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ETEyNAfyAxJKbFc1RE-gSZrbp9BDwfL-OA2vVQ&expires=30
Protocol: H2
Server: 3.68.180.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-180-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ETEyNAfyAxJKbFc1RE-gSZrbp9BDwfL-OA2vVQ&expires=30
date: Sun, 28 May 2023 00:05:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 9D51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZA_blAfyAxJKbFc1RE-gSZrbp9CA0Mbc_odkBQ&google_cm&google_hm=ay1aQV9ibEFmeUF4SktiRmMxUkUtZ1NacmJwOUNBME1iY...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZA_blAfyAxJKbFc1RE-gSZrbp9CA0Mbc_odkBQ&google_gid=CAESEB4wERfmyLTJ3ID5X-NL97o&google_cver=1&google_ula=913071,0

43 B
369 B

17ms
17ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZA_blAfyAxJKbFc1RE-gSZrbp9CA0Mbc_odkBQ&google_gid=CAESEB4wERfmyLTJ3ID5X-NL97o&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 768049
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZA_blAfyAxJKbFc1RE-gSZrbp9CA0Mbc_odkBQ&google_gid=CAESEB4wERfmyLTJ3ID5X-NL97o&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 9D51
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5406120377368137467

43 B
371 B

54ms
17ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5406120377368137467

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1801487
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 28 May 2023 00:05:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d77dd1cd-4501-49fa-9200-9e20229fe300
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5406120377368137467
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 9D51 43 B
1 KB 48ms
13ms Image
image/gif 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-I51QFgfyAxJKbFc1RE-gSZrbp9CXVKkQvIlKXg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
AN-X-Request-Uuid: 4f5137f3-16e4-49a0-9feb-c391a7aa70bb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 9D51 61 B
803 B 79ms
44ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-qQpafQfyAxJKbFc1RE-gSZrbp9CV23wBkQpUVQ

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 28 May 2023 00:05:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9D51 0
239 B 35ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-QRZ9RwfyAxJKbFc1RE-gSZrbp9C0usWxc_f8Kw&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 9D51 0
364 B 42ms
7ms Image
text/plain 35.157.25.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-bnK-lAfyAxJKbFc1RE-gSZrbp9BVHLiZxYnD-Q
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.25.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-25-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 9D51 43 B
114 B 62ms
17ms Image
image/gif 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-TNRYggfyAxJKbFc1RE-gSZrbp9CYx0u6jDm9dA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9D51 0
99 B 62ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-IunG4wfyAxJKbFc1RE-gSZrbp9C2H8ZnwbEj4w
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13340

GET
H2 200 um
criteo-sync.teads.tv/ Frame 9D51 23 B
163 B 109ms
63ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-1u74RgfyAxJKbFc1RE-gSZrbp9BknvrWzEq87A
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Sun, 28 May 2023 00:05:58 GMT
pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 9D51 37 B
140 B 38ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-3g44bgfyAxJKbFc1RE-gSZrbp9Dydxrewj3JPQ&dongle=013b
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 9D51
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9UpKrgfyAxJKbFc1RE-gSZrbp9DiPDMetJoDkw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9UpKrgfyAxJKbFc1RE-gSZrbp9DiPDMetJoDkw&verify=true

0
288 B

12ms
12ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9UpKrgfyAxJKbFc1RE-gSZrbp9DiPDMetJoDkw&verify=true

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-9UpKrgfyAxJKbFc1RE-gSZrbp9DiPDMetJoDkw&verify=true
date: Sun, 28 May 2023 00:05:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 9D51 43 B
164 B 72ms
20ms Image
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-2Rhh7wfyAxJKbFc1RE-gSZrbp9BIS1Iw4ul-_Q
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
last-modified: Thu, 11 May 2023 07:59:59 GMT
server: nginx
accept-ranges: bytes
etag: "645ca07f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 9D51 49 B
235 B 57ms
17ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-fR-9egfyAxJKbFc1RE-gSZrbp9DYb37vmwnyOQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 9D51
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3clGMQfyAxJKbFc1RE-gSZrbp9BJi20PbVTCxA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3clGMQfyAxJKbFc1RE-gSZrbp9BJi20PbVTCxA&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3clGMQfyAxJKbFc1RE-gSZrbp9BJi20PbVTCxA&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-3clGMQfyAxJKbFc1RE-gSZrbp9BJi20PbVTCxA&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9D51
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=01TB7S78NQvUN_PexiXAClCBYbyC8S0y
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=01TB7S78NQvUN_PexiXAClCBYbyC8S0y

42 B
942 B

32ms
32ms

Image
image/gif

34.251.115.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=01TB7S78NQvUN_PexiXAClCBYbyC8S0y

Protocol

HTTP/1.1

Server

34.251.115.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-115-24.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-09053e61f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Aa7bKtP8RrE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-0258e02a1.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vYAUxTytR2U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=01TB7S78NQvUN_PexiXAClCBYbyC8S0y
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 9D51 43 B
1 KB 24ms
7ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-nrStkAfyAxJKbFc1RE-gSZrbp9CGZaATmLyJaw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 28 May 2023 00:05:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 9D51
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-5kN9ZAfyAxJKbFc1RE-gSZrbp9DVQTizqjIjQA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-5kN9ZAfyAxJKbFc1RE-gSZrbp9DVQTizqjIjQA

43 B
447 B

33ms
32ms

Image
image/gif

34.240.89.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-5kN9ZAfyAxJKbFc1RE-gSZrbp9DVQTizqjIjQA
Protocol: H2
Server: 34.240.89.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-89-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 May 2023 00:05:58 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-5kN9ZAfyAxJKbFc1RE-gSZrbp9DVQTizqjIjQA
access-control-allow-origin: *
date: Sun, 28 May 2023 00:05:58 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 9D51 42 B
274 B 68ms
20ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-pQik3wfyAxJKbFc1RE-gSZrbp9BEJm6CC-1asQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:57 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 9D51 0
885 B 43ms
10ms Image
text/html 3.74.6.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-WNYZkQfyAxJKbFc1RE-gSZrbp9Di2a4veYORsw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.6.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-6-110.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 9D51 0
145 B 378ms
94ms Image
text/plain 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-_D-czQfyAxJKbFc1RE-gSZrbp9D76cE3YduxZQ&initiator=partner
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:58 GMT
Cache-Control: no-cache
X-TraceId: 88a1ec673c3b04e761e1874cbf3735aa
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9D51 42 B
579 B 58ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-W25k2AfyAxJKbFc1RE-gSZrbp9BO-ll76F2JLQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:05:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 9D51 43 B
399 B 310ms
100ms Image
image/gif 2600:1f18:612b:4200:92b3:de3:12af:b1c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-4fK3vwfyAxJKbFc1RE-gSZrbp9Cv2f2CL2E6_g
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:92b3:de3:12af:b1c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 28 May 2023 00:05:58 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 9D51 43 B
153 B 63ms
21ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-XpIuIwfyAxJKbFc1RE-gSZrbp9Bnzis5fJ_v4Q
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 May 2023 00:05:58 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 9D51 0
400 B 63ms
28ms Image
text/plain 23.45.237.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-Yd_rvwfyAxJKbFc1RE-gSZrbp9CXMvrriTZZZQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.237.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-237-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sat, 27 May 2023 00:05:58 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 9D51 0
38 B 98ms
31ms Image
text/plain 34.241.64.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-fMmi_AfyAxJKbFc1RE-gSZrbp9AneCBjnzX8BA&pn_id=criteo&ext=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=12F10575BFC817E0&u=%7CIC%2BrATLYZKtX74gq%2Bc6p7MAvdOBtpvYX%2FKAaG4Gt7Fg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBCvTujtwhnkE7UomXZXVswmsA17itRYAOZTALqbApMURvT7YOOlW8h4Ff092eqbn5GMzzBI6oDeC_0xN36VuITFfOwr01f1af3xuK7kBWMr-W95x53I2tRwxXnzLNNS8LmEP5V0uI5h3Bh10fOb1XMr9et9vWHrTGyCWd5nwafsIRe287TBrLM9YhJJDBWWWxMtKZcZsGv0ZiQk7YIzTtDkM32cDgUZxNlJvgE55QQIhFKG19mxXdq0p2Z3OaHSiFnTuKIy_2kIhNjbRo2dmYeUCRCm1uX6hS1fBYgld2shpTZuz3jBNG2-Kk9bjeRDgx0CJFrLf7kBFSOUTvx71IlpxPVUYLpn4VMphT-ORR3ZYeOceQVzVz91mohGgpXdbtdiZ30Elj6A-wLVCWVzsgVktR550cEi54UgT3MbaBOlF89fJxsvCALd_OyMr-Kt9tSoEpmrTAAW7Lt3u40en2S9Rc0LAh7nz7ss9BIduJlwVvYIpdEYmcO0zK3YhLhBIVPmoYLpg3tcDwsUtGh5SIJzMVnipbsJPWBOf3SD_85AaxjTfQGMg_BW_qtnXTYE0o0YkFZP_57eS3Li-LAbxCXf2F49IsVYj4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.64.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-64-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-length: 0

GET
H2 200 / Show response
adv.office-partner.de/ Frame 0657 930 B
931 B 44ms
8ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6428149483004828102%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=6818593416005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 28 May 2023 00:05:58 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 04 Jun 2023 00:05:58 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9346 2 KB
2 KB 155ms
73ms Script
text/html 18.135.173.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=97383300005799400951443012338029&nw=1
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.173.74 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-173-74.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 62ebe194116046467031ad535133f2e9e2294901d8d11714f4bf6d2904f1a1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
last-modified: Sun, 28 May 2023 00:05:58 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 28 May 2023 00:06:58 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900029.redintelligence.net/ Frame 4172 7 KB
2 KB 40ms
15ms Document
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=knsinarql37c&nw=20&renderingType=javascript&namespace=354454591c&subid=&uid=29f0c7c5f293d076&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6428149483004828102%26mt_id%3D6622405%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=6818593416005&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 044431b9339043174ed3912016b6747243a1528056bdfe7fca4f5b5f057d91fe

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2086
Content-Type: text/html; charset=utf-8
Date: Sun, 28 May 2023 00:05:58 GMT
Expires: Sun, 28 May 2023 01:05:58 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9346 43 B
702 B 74ms
51ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=97383300005799400951443012338029&pv=1

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/ Frame 9346
Redirect Chain

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(97383300005799400951443012338029)613189095
https://img.tradedoubler.com/images/inv.gif

43 B
621 B

45ms
7ms

Image
image/gif

13.224.189.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tradedoubler.com/images/inv.gif

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

HTTP/1.1

Server

13.224.189.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-31.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 26 May 2023 08:15:43 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA2-C1
Age: 239064
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: pmV-LojR_aOvC-l91q_7HEikdxfedJgLdpYW-CUkxr7SPCkMsYn6lw==

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:57 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location: https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin: *
content-type: text/html; charset=ISO-8859-1
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 9346 0
935 B 15ms
14ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&e=wqT_3QKXEugXCQAAAwDWAAUBCOW1yqMGEKrfqOLK8KyrQhgAKjYJVyO70jJSnz8RgVoMHqZ9lz8ZAAAA4HoU5j8hgQ0SACkRJMgxAAAAQOF6pD8w9e2zCzjKQUAdSAhQ_o27tgFYmNVSYABokfdreKb2BYABAYoBA1VTRJIFBvQOAZgBygegAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCKGh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIzMjQ4MzYwNS_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM2NDI4MTQ5NDgzMDA0ODI4MTAy8gLNAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrgFodHRwczovL3BpeGVsLm1hdGh0YWcuY29tL2NsaWNrL2ltZz9leGNoX2FpZD01Njg5MDAyNjE0NjQ0ODE3OTg0Jm10X2FpZD02NDI4MTQ5NDgZfgEbJGlkPTY2MjI0MDUBDihhZGlkPTIxNjUzNgEPJHNpZD00NTYyMzEFLBhleGlkPTEzARoYaW5hcHA9MAELQG9zPSZyZWRpcmVjdD3yAhcKPRdEZ2Rwcl9zdHJdEgDyAhkKFFtCMTEFGkBmbGFnXRIBMPICHgoUW0FEXyVMMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0cYmlkX2lkXRJWcwHYyAoKEltOT1RJRklDQVRJT05fVVJJXRKxCjxpbWcgc3JjPWh0dHBzOi8vdGFncy5tYXRodGFnLkEIHG5vdGlmeS9pLXQkPWFwbiZzX2V4YwkL0GlkPTVhVzk1cTJqTHpJekx5QXZUVzFSTUZwVVkzaE5iVWwwVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIExMelkwTWpneE5EazBPRE13TURRNAEQ8KRNREl2TmpZeU1qUXdOUzgwTlRZeU16RXlMekV6TDNCc1dqaFdSM1ZyYm5wcGNsUkxSa2hUTUVkSVdFeGhUVGw1TTFneFNHeG9UMEpNWkhaRlVtdDJRMnN2TVM4eE15OHdMekF2T1RVMk9EQXpMek14TVRjM09ETTVORGt2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVEV1ARNdwkQEGRNVkVGCSAARQH0CeQZ9BBjdk1DOAV8CQhm_AAQWVcxekwBdDR6RXZPUzg1T1Rrdk1UWSEAXDROUzR5TVRNdU1UVTFMakF2TUM0d01EQQEgYDROVEl6TWpNMU55OHhOamcxTWpRME9UVTMlOPBVekV3TnpBeE5ERXYvNnFXYUVKeGhsYzRLUFUxNzhTVFJ2ZUE4NGJ3Jm5vZGVpZD0zMzA0Jmdyb3VwPWNkZyZhdWN0aW9uaWQ9NjQyODE0OTQ4MzAwNDhl6hQmcGJzX2FyIgAcc2hhcmRrZXlSPwAuiwMEY2l5tTxicD1hX2FkYWZpaCZtaW5fQfsgd2luPSR7QVVDRd3wlU1JTl9UT19XSU59Jm5meV9hY3Q9TEQ1d2V3JmJmaXA9MTg1LjI5LjEzNC4yMjgmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJwVDZXAJLjRsZWZ0Oi0xMHB4O3RvcA0KECBwb3NpIVQkOmFic29sdXRlJ2WgBCdobaEMcGl4ZTYVBRBldmVudGWhBG10gd0YMTM2ODg3NYGpkd0UNzY0JnYxgckEdjJSbAEsdjM9NjUxODcxJnY0tQAIdjU9jW0BTEhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gAAdD6HBBnlJa4obW1JbXBUcmFjayaViwBiQSQANEaHAgRzdBXSIHRpbWU9W0lNUKl3AQ8AXS7bAnLTAPB5L2Rpdj6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE0MagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATl8ViIBQGYBQCgBcCAsaHIt9n5TsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBkkhHMgHpvYF0gcNFW4BLwjaBwYBZ3AYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=e3068cc0bdd9a424e475c20c878775354ae39e81&bdref=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F,https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
AN-X-Request-Uuid: 9e4a5fe1-26be-4766-bec5-1d278a81c092
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 735A 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 379517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 14:40:41 GMT

GET
DATA 200
OK truncated
/ Frame 9346 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f91b09ca01c28183f575dceafc26ec1af32be2affb67054a60b3bd309258343

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 9346 0
955 B 14ms
14ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&e=wqT_3QLpCuhpBQAAAwDWAAUBCOW1yqMGEKrfqOLK8KyrQhgAKjYJVyO70jJSnz8RgVoMHqZ9lz8ZAAAA4HoU5j8hgQ0SACkRJMgxAAAAQOF6pD8w9e2zCzjKQUAdSAhQ_o27tgFYmNVSYABokfdreKb2BYABAYoBA1VTRJIFBvRsBJgBygegAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCKGh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIzMjQ4MzYwNS-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUVzFSTUZwVVkzaE5iVWwwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZME1qZ3hORGswT0RNd01EUTRNamd4TURJdk5qWXlNalF3TlM4ME5UWXlNekV5THpFekwzQnNXamhXUjNWcmJucHBjbFJMUmtoVE1FZElXRVZKTlZwYVpFcEZiRk54UlZSbFVXVmFaa3RUUVZVdk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TkRrdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjNUVVJCZEUxRVFYZE5SRUYzVFVSQmQwMUVRWGN2TUM4d0x6QXZNQzh3THpZME1qZ3hORGswT0RNd01EUTRNamd4TURJdllXMXpMekF2TXpFdk9TODVPVGt2TVRZeUx6RTROUzR5TVRNdU1UVTFMakF2TUM0d01EQXZNVFk0TlRJek1qTTFOeTh4TmpnMU1qUTBPVFUzTHpFekx6RXdOekF4TkRFdi9sSC1FLWhhalNqX19vd2tzVXlTMEdFZVBuT1Umbm9kZWlkPTMzMDQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD02NDI4MTQ5NDgzMDA0ODI4MTAyJnBic19hdWN0aW9uaWQ9NjQyODE0OTQ4MzAwNDgyODEwMiZzaGFyZGtleT02NDI4MTQ5NDgzMDA0ODI4MTAyJnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZGFmaWgmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNC4yMjgmc2lkPTQ1NjIzMTImY2lkPTY2MjI0MDUmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNjQyODE0OTQ4MzAwNDgyODEwMhoTNDc4MDIwNTQzNjkwNzk1ODE4NiIJMzgyNjUwMTEwKgYxMDE5MzY6BzY2MjI0MDXAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE0MagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT-jbu2AYgFAZgFAKAFwICxoci32flOwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBvmrAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzHIB6b2BdIHDQkRMQEvDNoHBggFCWjgBwDqBwIIAPAHuckCiggCEACVCAAAgD-YCAE.&s=db57ab409514156807a71421231990a311f9fb78&type=nv&nvt=5&jm=1003&px=315&py=440&bw=970&bh=90&sid=1445168801889258914&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23918325&sw=1600&sh=1200&pw=1600&ph=2226&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
AN-X-Request-Uuid: 2cb0c0fc-19a2-46ef-8a6c-389a045a4e12
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CCE2 106 KB
37 KB 138ms
38ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 May 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame CCE2 11 KB
4 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClZGkQ84RY_-TH0gGhJUCcvtohMBAHxtpPtOjlKPhmGROhinu2exiUhljc757Y1600S4cfj5yb094BG8UEA5GxFwHixoQTlsM_pxozivICMEjnZGUFLc_lmEzGGRQfxax3FdDrd2Ax0834L4CihBVEqnPv6SOhddSeHhGfwrAMh7ycPj8&cry=1&dbm_d=AKAmf-AUFX0egS9RrZ86iGetH9g_zhshsiKw6Y7i8G2zaPa80IEfa2-KOmNfKRFL7AqSNIR9lHtdY4-e41owlRJKRquDk3nT3VlAKDJlwEh5EDBIa6l2_ge5RUqZc5xdwMe4I0Y5dTJkUMwLucVrPYs164U609OhY_EVo3p337gOVmnHIOH2iQgUp5tzNnOn8rbnQtqb8FsN0q4KG6o021eP-qV5cQ1riF1dkuUb4gRVF0N1hVO8Ifs4V9hKFP_0zqnQOxojqsA13Le5liRiG9g8j_Pkcl5EbxjEzJgEBrl0QcglYqgnPYIrTV2Ws0TeCqH1TDdj2sxKjdaBBDWquJJftgPAsfzqPy0It9eUPi2TvsWRDeNRoykkbQLOmPo1Qn9oSffSusn7_z9fNbuJW7nWPr_-tiHaj1zlHph5csajjAhOaPXoLl0zYUKU70Wk6tvK3-atuSnn1XYjffhV_DSAv7OJ24D9VjZ6NUcjs7c8UcDIL88Vf6WmAypm0fHhrnhLAbEXje5F11tFVgWFlAV7SwQ3eUlL7LvZRZh_23RYhkq86rn_cYrhjrWOuv0YIKXKZlGVIlcVrnanLLnX5u-qB4bfx36zaWdmo8YoN2YPt5O-JsurbGzZRSkmmxkIoxY26kBFPTg-WfuV_j-nTjAAnI6bkwyRCgRfMjPd-ax8M7YqdpJc6SyBBMgBW_gtrBIVuhtMaYDx3cscq4Mnm7S92Mgtu6btKz6hNYqFxy2fhn6qUX83qdOpxcd3ydSzuG6FBXx5LCNS2ukRVjaxO0T0MwgVavrZbL9eOliNv1hLBtBFAPGoIzS0N05btIttWKSAFvb7KquxKzlRXOe3MNhtzD4vhnNv91EEuHIU9eS18tjIGjOqReKraSugKz7rK9p63CJbBb4hyUL418n7wG0bRYCh1Wr9NlghdMzjCXFvPS7CU-Um3MYx3dtehv8SYkOzEndxScNIr_9K5YJLpZd9Qs7d7XEC0LrljEaSXk-p6U8YlyUVH5ipaJ_7gZJaBFWjG5dxP0xIKNepC4LQAr9aJO3eMz9HyQOOfsDe1ke6OCpBf1Ik3m0QE35B2LRUiodkHM94eDw54BkvImaPBiX6kCE-DRFvz4InaXVxc6MHVXVeIBPnEG-ZrMCvblqXZaJWKhvX5h_VxwvumdzyQrea11vDf9XIyPe0lFxDqWUUNgkOjTOueH35B8NrwGn065QgOp42hAuW9m9Grj4UlxyHJ9WAYKbwc8AAtf1PjrrLpa_betya-lbWdcMkAwnnxgXCc8r7T5A06olX_0LesVZpGz3xf5F87R_YQmSmdxMOVNe-o0HIo2NFOhCNpzgCSsVXKr0cs_XYNp7WaMUM__f59f2BEZ6tz12dbi2qKW_LFZYIL7-B3ltZTLTFOaNFRnqBOJzUIBkznKMdTjL5cLZkwBXDmlJHE1bVL9goa_MO1ZIC9ToOP9OzY0cwWL_UCQaYFrLkLdW1OojuvwtJab3m3Jqn_VwiRlJhsQuggoVySBKWM6a1YmX9SFJQYVK8Srysgr38YGOIzGGBsedJsNfIfgjco-jmBfLtuPf-keNDJBLqcs5i-ASacY7pZMaOfaCl1KAZAVoEDjuE6855l9MJi-iKSxbNE_H8Fbg4SJgq_faVoY7kBJftzerdIS649W2r_-IwCO5zLn4CF9NOgHhxqFBkcctfEdT3BQzkQR-d8GYBH07_h8I1MDP0D71uoJh5F3jlRjlagFcj0PtZCq3e_xDh5MfTlhbogdqsDvyyaBF8mc8OLO7e-syqKirpIanOGmyYc49Zsk2TO7lVCcaBWeJ6WDKmbu3b0KzSUELszGnt4_nSndraN2t0aA4xbETdAnbwF2ajvdmgJFykd9sKXHkaxMOidBrC6HQ5a3Oqg2Y5qhR5vqpDgsAiJr8jYXctekPwhCCOw-FBkw1POKxwsJyfF9KFYOeMx95_2IuFZ5k5IV09zUCoxcIZD5Hw62WCvmiNHQyiovdP0Xdxxk_EW9pPuIL6QvMjPSE5QrY4_rdDeHhzau_5zTl2EkgNxFXvRuOn3aR9R1n3mpiLn1ACRH3pl1ZLzr11SRHTgo2WyPO-n1gdrwq3U71dbye4cG42W68Cr4O0d-KkLkqgW0S8OIIXtVeaR9K6hKXkilR8fboGRhouYMETt-k7wWriYMs4wQGRoW85_44eU18VXUrlPv9giTfO5AQ-Xh1g1b-n18x5nlbUTPlSASQf_SpYRvHY5VEMnIrXQM8EHlu8I-N1nMlhB7ObTtiIqoW4A_nuESCXYtvPRlqVfpDsEMmUVJ5YqLxrBY3aA-mmhfhzlgnlCSRgXAf5Rw5PD2OxNtni48mYMqLsZDznMQ2ViZtMiFYSDTc_RSOQykCPcmU23y3inR35d16DORlYfhTUpT76QPyUwBQ0IXdQ3p1A5Oh4lF-a4VCzvb2dB2lwHmYMXIoE0HLQNiULfITAYEP95cI6UA2i1z3xIOjtFcCiW24mqThq1YmZScgT6bmfgJjHbjUBVDLdDJTKeVxUuIs_aJvBJ91ZG0BzkiOwxbiEUS4LoKeAywYJtYm_FKMq35Nf5wWvZ38FmEsnFv8e4sY9SsvaFRebiaNbsLxM7trSiDx0qwv4nDWRaJteb2i1dRZ_yNRwbeLfle3VjbtFuPp9aWu47wQb2-3JdpHPwH_MY5hi55ZSgck70RMejbuAabg9LEXRXhUye1ryEcLcT9bQQMDMtw1TTwk2Jn184EWVDw-HPpoU_aylgjLxArtqtAljPFDgsByez5z3j6cgBH3lzGC0fK8KqlLYynXXonWbwszTD62S8FvZDRGWbTGOqFnwBUdIeA7Jxf3VLg3UAu2hBBCcwLOUPyQvV49IOHCF5U-xnWUJLsCo1DHkqQ60ESrVF0qi0gI3BPcl3djoX1nf6bAKK1oxCFyAF-ixEjYwzDKWVxvDFgbvI83d9d3O918MqMUSfGE_ND0ihe-sJgW_hQ_60uO0CJW1_ZfvPcZnC-XUsA4OPnpOdakEb8Gvf_TOZNLpdlYAQLzyCxFlqhjrpAfm8XoWggu8uBBcjtW9gzYK7CFDRnens6lyIA00cbUdUCM6hh6psoCebLqay2RKpIe9bXqmlcH5esfLwEQFTjkS80PGRKpjBNskm2hTTW8qngm4xjATBrIwAglVJ3D0GllMMXVIy_hBRWscvUeh4lFfJsu2K8ubIGdXPhy744R8rvvnv2JQMrMhOCfqs8IcdP0wuZBZgDH_2PKTkaEFt2iY5C6s79xiUMIgrUjxBtGr6QQpsX-q9okVeB1FlqwFZx39zhM8VVySfSC7D_TEsLTW9_93UUZGRgjq9E4dWrDzPd684-udypei1w&cid=CAQSGwBygQiDy6zWNHisijyPV8ZQJBjj8ebKmqTnmRgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&ds=l&xdt=0&iif=1&cor=7856757008322430000&adk=909092568&idt=154&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 14:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Jun 2023 14:18:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame CCE2 29 KB
11 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 16:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Jun 2023 16:58:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4172 5 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 May 2023 00:00:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4172 14 KB
14 KB 38ms
13ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/WW-Native-1200x627.jpeg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ba747b154c136ed6792d43a15aea5dbcc4764666920d6b630231a12c98475547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14250
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4172 17 KB
17 KB 40ms
17ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4cdebf6c612db7500d8ae8b16bad75f246c6edfc6438d077ab4d59137f70c6e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16837
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4172 16 KB
16 KB 39ms
16ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: eb69b0bb2bbc43b47c868b9f2dfbeb06e0764dff683b447985a73d8b01b3e7db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16515
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 0657 110 KB
43 KB 134ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19f0fe2f41dbdc3c3b096e94c04e6d0b40ce1c4c84e51677dd00f8174ca97731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CCE2 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame CCE2 0
935 B 111ms
110ms Script
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
AN-X-Request-Uuid: 78fb8e74-7f61-4fa2-a532-4f4b140795d4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 07DE 0
0 71ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305230101&jk=1203818401506877&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9346 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsua-cDFTbgHKqtwYcFQpPUZsz-c4BCaipFxNyYGvTNoWKNeCwT5FvCo_LjHpk-e_rcJsAsqtMNPeKqSz1CSS0y62gcDLsyizbMhT1Y-h8tcijMJ_9m3_OKZU-W3SVU2k3zxfZhPdbEjimXbto32_fjbYvVhE-fzoNseG6j-lDYPHD64TIiFJwtMXwYGhCKaCQHLFs4HYoM7wHovnBCdgSHmsxs5jUJSB2ZU_FhNkK1B6nH8gUQsW1zRQCNlKfDkhwBtHXlAHwQ55GntCriwv6b97sRRMIDoBVfoR1A_9NRV19Ah1HYIT-YCY-ZFnqQsRWxrJYwZ1q1l6zG0cVGCmhuWaUCy4O4y&sai=AMfl-YS7u-lEmqBadF2M-ivAneek0n53mib38KNFxpjg4TF12Rv9Cadnobp7Dx9HGDJ9gp7ni8qea0GdrrQzfjlyaO_uIXEdFnk6dOlOjCRyxcjav1qrKR_xny-F4JqhMlgu9nzgVkQglKVaqAHzDC4&sig=Cg0ArKJSzJrFNVJAv4N_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9346 85 KB
31 KB 56ms
8ms Script
text/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=97383300005799400951443012338029&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:08:06 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 7073
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 4ng-cRTAZsFicEKI6EJDrXNftPhfQo8m2IXdjaWwjC2-LrkIR9dF-A==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 9346 85 B
437 B 35ms
7ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1685232658&Signature=LMjAh7Eq0J81T~4IjoynsN3kbMBq64mzMub2DAqAZKMF9OshOc2XvN5NEZYcC-pMj9~y8AKuSfNamRzigjhuzvOwsIEIiR876VyMB3vQbqbDOM8r7WMQri~R3O5SlFgAYJCtagCIYwZ630ftInR53gPMRPxq6edQHsP8gWNOwF4BgRzxI41GE~4ZIIYku7ev-KLktXY0ZoJg1VBxWlRFYQq3Dr~fNyZhcR6thyl2-Swq~k~cMd-foWkAY11WolFc1bxOAEGOsxEe7yvIvm4OyVOzVO47EUsQZU3-71cdAHgVJxbBI5klf~YloJZI~ji7acQ-4GT5zZjz4x94zx2J0g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 27 May 2023 03:12:19 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 75224
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: msFUeZYuw4Ag8YP8zIr9n3vYaf7cCRw0oCmQk0lhYPZa7cww3OIOww==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9D51
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jui3NgiUKvHc1pal_T199Wlit-N2W0cB

0
338 B

96ms
29ms

Image
text/plain

34.243.48.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jui3NgiUKvHc1pal_T199Wlit-N2W0cB
Protocol: H2
Server: 34.243.48.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-48-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Sun, 28 May 2023 00:05:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1685232358
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Jui3NgiUKvHc1pal_T199Wlit-N2W0cB
date: Sun, 28 May 2023 00:05:58 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1047093
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BC9B 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 359167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 20:19:51 GMT
expires: Wed, 22 May 2024 20:19:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 735A 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Cq2jTA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK viewability Show response
hal900029.redintelligence.net/ Frame 4172 0
150 B 36ms
13ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/viewability?s=97383300005799400951443012338029&a=7e217d73&vb=m
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 4172 13 KB
13 KB 132ms
46ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900029.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 03:23:58 GMT
x-content-type-options: nosniff
age: 160920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 May 2024 03:23:58 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 4172 13 KB
13 KB 124ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900029.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:12:56 GMT
x-content-type-options: nosniff
age: 197582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2024 17:12:56 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4158533142830104492/ Frame 1B2E 74 KB
20 KB 109ms
36ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4158533142830104492/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aabdfafa681a7cab14a3ab3382de35f87fa91dcbc153d76a00e71ff17afa8cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 22844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20182
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 17:45:14 GMT
expires: Sun, 26 May 2024 17:45:14 GMT
last-modified: Mon, 06 Mar 2023 17:49:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CCE2 0
0 180ms
73ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdvTjQL5new-zlh9NZPGnaC6gvt5gDHy7Up2WOFdTTcMJu4PQvEEeCbCAsWD2DasJrLByfJVlQqfvx8OVgnEVZh5jM_md4fUB0N9S8eHTEOQGv3FrnDt1s7l5SgpJJEOyBPkecjSAkE5BYwWmXn7xjKay8LlcA&sai=AMfl-YQb8X7n2IzxmcNcLSHNYIzdIWkmQmMOzlUL6ERq61_0lAj7MCZAgQsqEru7g5gWaRVsiHMPv1XoFhr3S8Enoe0V2kBpfpHpBWUVqg&sig=Cg0ArKJSzCBWbUGowpDbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=221&cbvp=1&cstd=217&cisv=r20230523.26884&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCE2 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3zEHJ-tWbvEFS0qWk-DU8Sk28iz5RT3kwyya0Zv0OG-x8wuZ0lHwgB_0_pQUyqXH7dLm_KO5w-yZhF2JRMoezLcKJcvnAXJNeUt1_-BZ8rLinwsLfskjIR3_lI15Zatcu2Hh9P6SGpN7Q0ZNTSSMYCtM6440556W95fwrCHk11s2SaGSwjm4kJZsYsvNxL5sXkbbWLfuH01lTS4Oa7jHj_vNMFzDYj6531ThcoqlrQLNni7ATcW6FmUAC28C5W0l3vZTKugv9r-Jdz37tO6L7cZfA-Ez9nn9FKrnnUZVXFu9GVBThvvGo_UEAe8k_ehAVcoX-dBNYDWYhZJNBUarcA4V8azj66Cxtyg&sai=AMfl-YR0uPkzOpNKE1_klo0SySEkz0X_vL4-SzTU1xMUIuC0F9cptVD6IeZ6zcxP9u--Bo028AFk1p3Y8ReIJH2sOyefpTeFuAiGNAksFqYw11jQTWRmv74jw0wlnf4deHkTZAvIpYfh3D1KvFpwUbU&sig=Cg0ArKJSzFes8sxd3Dg7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:58 GMT

GET
DATA 200
OK truncated
/ Frame CCE2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85587148ca3afbbd2674193918a547b451eed394970bfe7fa5dd1e5be2b2e0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame BC9B 37 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 356999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 20:55:59 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame CCE2 0
955 B 14ms
14ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&e=wqT_3QLhCuhhBQAAAwDWAAUBCOW1yqMGEIf0zIO9-PS7exgAKjYJo8haQ6m9qD8RehaE8j6Ooj8ZAAAA4HoU5j8heg0SACkRJNAxAAAAQOF6pD8w9e2zCzjKQUC8CUhlUI2y8MkBWJjVUmAAaJH3a3im9gWAAQGKAQNVU0SSAQEG9NwEmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCKGh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIzMjQ4MzYwNS-AAwCIAwGQAwCYAxegAwGqA8YGCo8GaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DTTBWbTVacHlaS1hMSVpMaTdnT095TGVZQm9DUDF1Vnd4cC0zbHE4Ui1DNFFBU0RtbDlZbFlKWGlrSUtnQjZBQnZOZTB3Z0xJQVFtcEFtX1RmWUplX2JFLXFBTUJ5QU9iQktvRXhnRlAwQ3RCZmlvOUdndWhLRHQzWjRLOUJPUjUzc1pULWtwZVNSUUI3MDR1WHFSemUwZlUxUUdJTWZLTzZlNFBtNmxCNm42UU80S3pEM0E5WG1IV0QtRjd6R2dkYVlnNlpQS1VvX0xIN1NBLXN5NHV0VnZKSjJjaUt1b0ZKbzZKYk5vWFpvLVRUNWwzeXphbHBKd085czVNYnpPVnhyZVNwc1AtMEZ3cGdoMC1NQy16VnFhM0Z1MEltNFhXUTBNUktLREd3SFlySWJPR1VwVXZsWlJNUGllWnNUVU9TNWdDUU12VjVYbEVuY3QxYzlHUmJEYndaNXBjYW5kS1l3VjJlYi11NmE4OWVUdkFCTnJxMzgtc0JPQUVBNGdGbTUtOW5VcVNCUVlJSFJBRUdBR1NCUVlJSFJBQkdBR1NCUVlJSGhBQkdBR1FCZ0dnQm5lQUI2eW95NzBCcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh2WUJ3RHlCd29Rd3ZrQ0dOVGU4LUlCMGdnV0NJRGhnQkFRQVJoZk1nS3FBam9DZ0VCSXZmM0JPdklJRG1KcFpHUmxjaTB6TURVMk5EUTNnQW9FeUFzQnNCUGcxY0lUeUJPMnFKVGlBOUFUQU5nVEVOZ1VBZEFWQVlBWEFiSVhDQW9HQ0FBU0FCZ0Emc2lnaD1seHlwYXByVXExcyZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaUR5NnpXTkhpc2lqeVBWOFpRSkJqajhlYkttcVRubVJnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4ODk2ODEyNDI2ODYzMDAwMDcxIgk0MjMzNjg5NzMqBzU2MjUwMzM6CTQ3NTg1MjYyOMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQxqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASNsvDJAYgFAZgFAKAF0Yv8uYX9i9NxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjKAU-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKLAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE5OTI2MDQ0NTcxyAem9gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB7nJAooIAhAAlQgAAIA_mAgB&s=84a2f200b24d0de920116a384d9ade3e55eb4651&type=nv&nvt=5&jm=1003&px=1091&py=950&bw=300&bh=250&sid=1445168801889258914&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23918325&sw=1600&sh=1200&pw=1600&ph=2226&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:58 GMT
AN-X-Request-Uuid: cbcf6b5c-6201-4886-b3c1-10efd5c52af0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame 9D51
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iRwRj2izv3dKmw6z7OPYfqh25HE0fIsK

35 B
268 B

350ms
111ms

Image
image/gif

52.15.58.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iRwRj2izv3dKmw6z7OPYfqh25HE0fIsK
Protocol: H2
Server: 52.15.58.80 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-58-80.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
x-bt-requestid: 6caee9f0-fceb-11ed-a712-0000ac17023c
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=iRwRj2izv3dKmw6z7OPYfqh25HE0fIsK
date: Sun, 28 May 2023 00:05:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 645919
content-length: 0

GET
H3 200 imagesj7cehnctjw8jxzd1jadm.png
s0.2mdn.net/sadbundle/4158533142830104492/ Frame 1B2E 5 KB
5 KB 36ms
36ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4158533142830104492/imagesj7cehnctjw8jxzd1jadm.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d02884af24c995359c68709e160d4989edbad8f69878e4aa9fe01c660a0e684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:17:39 GMT
x-content-type-options: nosniff
age: 24499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5185
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:49:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 17:17:39 GMT

GET
H3 200 618e1e78a0fa3d101b41766f3a2d5a9f.jpg
s0.2mdn.net/sadbundle/4158533142830104492/ Frame 1B2E 20 KB
20 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4158533142830104492/618e1e78a0fa3d101b41766f3a2d5a9f.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

558c8f12df464186445cf85c85961640703f0342be8b469eae1333939bf2d6b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:57:19 GMT
x-content-type-options: nosniff
age: 4119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20885
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:49:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 22:57:19 GMT

GET
H3 200 5c40126319cfcaffe67e2cf791cb47b3.jpg
s0.2mdn.net/sadbundle/4158533142830104492/ Frame 1B2E 17 KB
17 KB 64ms
64ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4158533142830104492/5c40126319cfcaffe67e2cf791cb47b3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1631266409512c5da7856d313ba096200549201f4826c2bc89a2198b1b524db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:57:08 GMT
x-content-type-options: nosniff
age: 360530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17731
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:49:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 19:57:08 GMT

GET
H3 200 6403cd535e97bfcf003caf2cdb047021.jpg
s0.2mdn.net/sadbundle/4158533142830104492/ Frame 1B2E 15 KB
15 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4158533142830104492/6403cd535e97bfcf003caf2cdb047021.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d0b038d49eadb39a5afb24f0d94ce74eccea9e23995d6c04c624304ea0d1318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:22:25 GMT
x-content-type-options: nosniff
age: 380613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15455
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:49:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 May 2024 14:22:25 GMT

GET
H3 200 c7272a34910bfefa5c52b859eb305f39.jpg
s0.2mdn.net/sadbundle/4158533142830104492/ Frame 1B2E 9 KB
9 KB 77ms
77ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4158533142830104492/c7272a34910bfefa5c52b859eb305f39.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056256f9cc39d668cd3ab7150c876cf203f2978466578fab3680be678a25cfaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 09:47:53 GMT
x-content-type-options: nosniff
age: 51485
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9124
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 17:49:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 09:47:53 GMT

GET
DATA 200
OK truncated
/ Frame 1B2E 8 KB
8 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 269969fb552b8a45fe0deae2e349b06a28d64cfd197f5aa5c88802ae579e563b

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1B2E 7 KB
7 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a69e1d38e393467eb4d58721bf36ede10f384a11de8daddd46e53fbf9e699cb

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1B2E 5 KB
5 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8438847ce24fd71ccfc90631fdf8349ba4ef5c9a715a033e0473f4d0853068b6

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC9B 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT8OE5ppyZNDVCpHz3wP5jZ7ADQAAAAA4AeAEAg&bg=!EBOlE0fNAAZ8_aWmXP07ADkAdvg8Wr7HlT7jWmTqfCkCbAT45f_FixybMQWqPzTBPMCq6zCTmVhlaZFiZpw-j6-SDdhmtD_GHCoCAAAAaFIAAAACaAEHmQKy1UOqbkNcXxVobK1x4T0vh-LI6DG5PMIJ5Ldy7J8b9RktEP02OEIhFW_l29kzf-34PRdb82uG4ly4IGz3e4oskHp_KFaZQjMKKsYCrswyZQgi5e4maDwtInjabn3L6dZpySF3lGIhjvY57CUePaXcE-3pn80W8WyUDj4PzdSul_ceBOTJEooOLyqnrEKquYwHS6SmaFdXdnovugej_Jk_9AEBuOd-mOu8znVdOoixzNpLgYSYkNO2KIw4nppTijvoLIx4clrExO36TZ4OkWHsDDycKrdc12TO6HZ47cvRnxDCcnSAG3OWuv6U4BA2MCpu9nY7CBbrjrX0dQ2EcpXCbzS288059i4O95cbnKCEC6MwRQn3qSiKDB5TrfKWiyzMs261d-x0zjQQj8_Lci7wIClJo_aQPZIIWma-n2-Mew28ZaBUYqRrawUROs7mOwd6M0XZOxzgyRKnO3awfWd5RgZRPZtO_xag0ZWhIqlvGxljsLOnKUzrjwhzpBm2L5vvClU_dwvW1hmv9EwJQIaa0G7R_xB1aOHuEef3AwLq1EdqICYELVCVTsZ_ZSE9LH9NTkswTLqThljLWb-78dq9l582gIFDerhtiiFOr4fHbobmwyvgIIjk-MFLu371QCiDUl5NP66v67CrkFVHe57VJbd0UHHLOQa_BViRiN8c3fxcCco4TqSGnJvollh_I9vk8jbFPzI7l_WpR6vXg6JFlxHyLctfB2D7FqMJJq-w9iD9Pmfwsi_CHZ2f5FwU101P2Auq_TDNnBm3sFPeex1SMHvYWWqOpzCpE8z-jv-y9dyPqrX1QA0c-rBK4gZq21_SK9kAljdNGFxrO0jp_uyI8sMHfuoVYAHWOsp6vOkPs7kOtqfnsT8WJ6zMImGuKetnldztxcgFnm22mSz1VPE8Z1wl

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CCE2 0
0 73ms
73ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdvTjQL5new-zlh9NZPGnaC6gvt5gDHy7Up2WOFdTTcMJu4PQvEEeCbCAsWD2DasJrLByfJVlQqfvx8OVgnEVZh5jM_md4fUB0N9S8eHTEOQGv3FrnDt1s7l5SgpJJEOyBPkecjSAkE5BYwWmXn7xjKay8LlcA&sai=AMfl-YQb8X7n2IzxmcNcLSHNYIzdIWkmQmMOzlUL6ERq61_0lAj7MCZAgQsqEru7g5gWaRVsiHMPv1XoFhr3S8Enoe0V2kBpfpHpBWUVqg&sig=Cg0ArKJSzCBWbUGowpDbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=457&vt=11&dtpt=236&dett=3&cstd=217&cisv=r20230523.26884&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20232483605/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 May 2023 00:05:58 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7140 42 B
174 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviuPxo9OcG3yDCtZm5Jixgpf2ebo_KITMpsxUaINyJEz1C_TUajusaNJRr3JU3yHqdSxU3i-ZnF9ImWIxAj7wEXIWL-kmyGM4AhpMq8e9Ff3EPVyfh&sig=Cg0ArKJSzI5SlZWC5sQdEAE&id=lidar2&mcvt=1106&p=666,1091,920,1391&mtos=0,1106,1106,1106,1106&tos=0,1106,0,0,0&v=20230524&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2861055222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685232357857&rpt=154&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305230101&jk=1203818401506877&bg=!kZKlksbNAAZu7ficTu07ADkAdvg8WgJ-wC8bZ5Uqf4lw2QQSVSRsZzdhLgAEAWE8uKVom46ndlTBsqJKf00URcbB58hnaR43KwYCAAAAelIAAAACaAEHCgCbPPtGOgHhriyb96C3gluleTxDAE3ZA2Jau66dEqQ1kvtLwwDXwcOQeLudAzPPW1JRdvEFnZDrAyKzb8dB3xS-cZ2vrcldRZ6h008wzKiqTgcd1wf9fUJnnvdQFe_rOFmNtS5EoRfRXZG7iyCofpH5t5aQyA2wslnDByNlosx4v9cMkOmOkJMYZYOsbPjmFu-iha2WDtheEtQXupKZApd_3b2T5Itra8BWvvEcAgvVcSy-i5hp_3qhqmexcEBtmPw4mMOikiJS7ed1J1DUFI7-Yliws51nIo0dMJ7Q0uchhgzs7bPuvTTh8YNzazun1eULwRR1hCBwpJytOC30UrnhvkajyYrScdaHUB7yiLe_SPi1CMsP73E6zx9f33AdZR_-bGfYZy_-aoAOMvW9BAmZcSq4r68qyEh4P-y1BoljFRbqULZhH-fO1UGSNcONTzo3Tfn0W3EB4FkVA5mFw6a96Nc0cP7gmzT5sO-4k1GIWVEZ9HcaCUtSVWYcEgMN9aJxGlDHBhR9ftjjYor_FwVYHNYDRKi3FEa8URqnXoVFUgK0Qlk6dbfZgtdEB83D8qnB9PXJvjdg94eMLOTYfWRMaoMRhZEuGqerp_yJ91ZENFlG7kXc9fBORe6z4xLGMrrebwSrdmvxr7QpuPB_MhpRrqpkcTWV0hFjZ5oBhQl4Gkf0l5JtiIy3Bj5lsuNZNkzDL8Lq_fWQqJWnAYD0NdnlNX0Z-mMi4amHHpCu1fkHPJzvr4gz384W1pxOWz0dLWCkN9JYK9bd3Gats_7YorqtuI0yGUFFYHN_8BwJ15Kid8ImMh0QdGcoc7sls-KCGdOL_q5cTeHjC58JTJdIe1Hpnfh8NUroD7TZgnVCSYCZ0gXF_T02tAQ8L96Ck4rqb8kHP5ypEaquDnsWeg_sj45KQ1HxA6dDGv1RVm9SnhineWNmivQpLDGAa7ut0XZSkktByUIdrDsPU8Go2Wemvbu3V8rxJInOU8HOyLLvQwivRKTA7mzlAAud8tbHULcdeSmDyog8YezrXusd_7TTdyDOi5YYS3PaRDAocQRyYjtOGSbuIX6CmAch5IXt0fU_1BsUvF6H6xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 1A5D 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 28 May 2023 00:05:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9346 16 B
232 B 155ms
154ms Fetch
application/json 18.130.160.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.130.160.192 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-130-160-192.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 May 2023 00:05:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 88ms
20ms Preflight 18.130.160.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.160.192 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-160-192.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wheregoes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 28 May 2023 00:05:59 GMT
server: nginx

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 9346 0
955 B 15ms
14ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&e=wqT_3QLpCuhpBQAAAwDWAAUBCOW1yqMGEKrfqOLK8KyrQhgAKjYJVyO70jJSnz8RgVoMHqZ9lz8ZAAAA4HoU5j8hgQ0SACkRJMgxAAAAQOF6pD8w9e2zCzjKQUAdSAhQ_o27tgFYmNVSYABokfdreKb2BYABAYoBA1VTRJIFBvRsBJgBygegAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCKGh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIzMjQ4MzYwNS-AAwCIAwGQAwCYAxegAwGqA9YGCo0GaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUVzFSTUZwVVkzaE5iVWwwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpZME1qZ3hORGswT0RNd01EUTRNamd4TURJdk5qWXlNalF3TlM4ME5UWXlNekV5THpFekwzQnNXamhXUjNWcmJucHBjbFJMUmtoVE1FZElXRVZKTlZwYVpFcEZiRk54UlZSbFVXVmFaa3RUUVZVdk1TOHhNeTh3THpBdk9UVTJPREF6THpNeE1UYzNPRE01TkRrdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjNUVVJCZEUxRVFYZE5SRUYzVFVSQmQwMUVRWGN2TUM4d0x6QXZNQzh3THpZME1qZ3hORGswT0RNd01EUTRNamd4TURJdllXMXpMekF2TXpFdk9TODVPVGt2TVRZeUx6RTROUzR5TVRNdU1UVTFMakF2TUM0d01EQXZNVFk0TlRJek1qTTFOeTh4TmpnMU1qUTBPVFUzTHpFekx6RXdOekF4TkRFdi9sSC1FLWhhalNqX19vd2tzVXlTMEdFZVBuT1Umbm9kZWlkPTMzMDQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD02NDI4MTQ5NDgzMDA0ODI4MTAyJnBic19hdWN0aW9uaWQ9NjQyODE0OTQ4MzAwNDgyODEwMiZzaGFyZGtleT02NDI4MTQ5NDgzMDA0ODI4MTAyJnByaWNlPSR7QVVDVElPTl9QUklDRX0mYnA9YV9hZGFmaWgmbmZ5X2FjdD1MRDV3ZjNVJmJmaXA9MTg1LjI5LjEzNC4yMjgmc2lkPTQ1NjIzMTImY2lkPTY2MjI0MDUmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNjQyODE0OTQ4MzAwNDgyODEwMhoTNDc4MDIwNTQzNjkwNzk1ODE4NiIJMzgyNjUwMTEwKgYxMDE5MzY6BzY2MjI0MDXAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE0MagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT-jbu2AYgFAZgFAKAFwICxoci32flOwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBvmrAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzHIB6b2BdIHDQkRMQEvDNoHBggFCWjgBwDqBwIIAPAHuckCiggCEACVCAAAgD-YCAE.&s=db57ab409514156807a71421231990a311f9fb78&type=pv&jm=1003&px=315&py=440&bw=970&bh=90&sf=1&sid=1445168801889258914&vd=ct~0|rr~5&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23918325&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:59 GMT
AN-X-Request-Uuid: ab8ff806-8ac6-46e4-b2d0-5337661bd862
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900029.redintelligence.net/ Frame 4172 0
150 B 36ms
12ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900029.redintelligence.net/viewability?s=97383300005799400951443012338029&a=7e217d73&vb=v
Requested by: Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900029.redintelligence.net/request_content.php?s=97383300005799400951443012338029&a=4718c103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:05:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCE2 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvafJAZ5Aw059kYR2wwy8K1_FnGIlow1q4UKYu3FhpJozIaETLQPXMXC3d7qkCBD21gO0-lSlxsPdVkbNllk27aKMFHbYGc8gc&sig=Cg0ArKJSzEesUz42X-k0EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=909092568&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685232357867&rpt=709&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCE2 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiUY_AC8bPPoY7VKTIkjXmzEQcTNT1ErbIdow7aNv95TP4ywxJn6qK8VMDhN4UfyggulpSrxk_qD5eBgIAIbxzHCrIj7ynMdCK_ps5zwSXcVvnvoEy&sig=Cg0ArKJSzEJb0ThV51HEEAE&id=lidar2&mcvt=1005&p=950,1091,1200,1391&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230524&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3809685794&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685232357867&rpt=704&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame CCE2 0
955 B 15ms
15ms Ping
text/html 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20232483605%2F&e=wqT_3QLhCuhhBQAAAwDWAAUBCOW1yqMGEIf0zIO9-PS7exgAKjYJo8haQ6m9qD8RehaE8j6Ooj8ZAAAA4HoU5j8heg0SACkRJNAxAAAAQOF6pD8w9e2zCzjKQUC8CUhlUI2y8MkBWJjVUmAAaJH3a3im9gWAAQGKAQNVU0SSAQEG9NwEmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCKGh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIzMjQ4MzYwNS-AAwCIAwGQAwCYAxegAwGqA8YGCo8GaHR0cHM6Ly9hZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DTTBWbTVacHlaS1hMSVpMaTdnT095TGVZQm9DUDF1Vnd4cC0zbHE4Ui1DNFFBU0RtbDlZbFlKWGlrSUtnQjZBQnZOZTB3Z0xJQVFtcEFtX1RmWUplX2JFLXFBTUJ5QU9iQktvRXhnRlAwQ3RCZmlvOUdndWhLRHQzWjRLOUJPUjUzc1pULWtwZVNSUUI3MDR1WHFSemUwZlUxUUdJTWZLTzZlNFBtNmxCNm42UU80S3pEM0E5WG1IV0QtRjd6R2dkYVlnNlpQS1VvX0xIN1NBLXN5NHV0VnZKSjJjaUt1b0ZKbzZKYk5vWFpvLVRUNWwzeXphbHBKd085czVNYnpPVnhyZVNwc1AtMEZ3cGdoMC1NQy16VnFhM0Z1MEltNFhXUTBNUktLREd3SFlySWJPR1VwVXZsWlJNUGllWnNUVU9TNWdDUU12VjVYbEVuY3QxYzlHUmJEYndaNXBjYW5kS1l3VjJlYi11NmE4OWVUdkFCTnJxMzgtc0JPQUVBNGdGbTUtOW5VcVNCUVlJSFJBRUdBR1NCUVlJSFJBQkdBR1NCUVlJSGhBQkdBR1FCZ0dnQm5lQUI2eW95NzBCcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0hwS094QXFnSDFja2JxQWVtdmh2WUJ3RHlCd29Rd3ZrQ0dOVGU4LUlCMGdnV0NJRGhnQkFRQVJoZk1nS3FBam9DZ0VCSXZmM0JPdklJRG1KcFpHUmxjaTB6TURVMk5EUTNnQW9FeUFzQnNCUGcxY0lUeUJPMnFKVGlBOUFUQU5nVEVOZ1VBZEFWQVlBWEFiSVhDQW9HQ0FBU0FCZ0Emc2lnaD1seHlwYXByVXExcyZ1YWNoX209W1VBQ0hdJmNpZD1DQVFTR3dCeWdRaUR5NnpXTkhpc2lqeVBWOFpRSkJqajhlYkttcVRubVJnQiZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4ODk2ODEyNDI2ODYzMDAwMDcxIgk0MjMzNjg5NzMqBzU2MjUwMzM6CTQ3NTg1MjYyOMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQxqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASNsvDJAYgFAZgFAKAF0Yv8uYX9i9NxwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFjKAU-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKLAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE5OTI2MDQ0NTcxyAem9gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB7nJAooIAhAAlQgAAIA_mAgB&s=84a2f200b24d0de920116a384d9ade3e55eb4651&type=pv&jm=1003&px=1091&py=950&bw=300&bh=250&sf=1&sid=1445168801889258914&vd=ct~0|rr~5&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23918325&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:05:59 GMT
AN-X-Request-Uuid: 1348ad29-12f0-4506-8696-6a9a95e3d2f9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCE2 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8047586605672&version=m202301230201&ct=119&x=10&cor=7856757008322430000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 21ms
20ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 00:05:59 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 727F 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:05:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 656381
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 16ms
16ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:05:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 29 May 2023 00:05:59 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 727F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=W9rR9F9scEZ2JTJCJTJGTU4zNVdybTZNZWRubXlKWkdVcm51R3ppYUt5MU8zQWpNZ1JrZHB4...
https://mug.criteo.com/sid?cpp=EbnBQnx3eHZwajY1WFlOcGxVcDdFWE5Sc2dlbndJVUFncHZlUDZROXdqTnloYXBpSHI3d3ZBeTlCSGtOdXoyd3VmSkU2MmNMcG1BVXJtWW9MZXdHOHVNTTN5Y0ZDQ0JkK0tmVjBubkJrQys3RGxxemI5cVhxS0N5ajNMQX...

441 B
671 B

16ms
16ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EbnBQnx3eHZwajY1WFlOcGxVcDdFWE5Sc2dlbndJVUFncHZlUDZROXdqTnloYXBpSHI3d3ZBeTlCSGtOdXoyd3VmSkU2MmNMcG1BVXJtWW9MZXdHOHVNTTN5Y0ZDQ0JkK0tmVjBubkJrQys3RGxxemI5cVhxS0N5ajNMQXpvN3NkeW9vWEN0STFKTWl4cXJkYTZ6enF2NE1rYTF2ZE5aU2RTdURhV01uZWVWMFBuZDFpZnBlNFYvUUVhYWF0SWdvdUc3OVVISWpLT25KeUZLMEtPRkF2MWk4Mm81cmwraEpWT0QvK0VJdllHaXhrZ1hSZnE4NERXdVV5NnlYb3NpUWhqL3k3QzNLL084S001UkxWeEYwa0YycitxeWhuSDFhQ293bGNoWWl4WEM4a29DTT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

01b7b998e99b05601d73ef8ebfb320a8325552ecd5a0a90cc0189a2ed1e14e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 900340
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:05:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EbnBQnx3eHZwajY1WFlOcGxVcDdFWE5Sc2dlbndJVUFncHZlUDZROXdqTnloYXBpSHI3d3ZBeTlCSGtOdXoyd3VmSkU2MmNMcG1BVXJtWW9MZXdHOHVNTTN5Y0ZDQ0JkK0tmVjBubkJrQys3RGxxemI5cVhxS0N5ajNMQXpvN3NkeW9vWEN0STFKTWl4cXJkYTZ6enF2NE1rYTF2ZE5aU2RTdURhV01uZWVWMFBuZDFpZnBlNFYvUUVhYWF0SWdvdUc3OVVISWpLT25KeUZLMEtPRkF2MWk4Mm81cmwraEpWT0QvK0VJdllHaXhrZ1hSZnE4NERXdVV5NnlYb3NpUWhqL3k3QzNLL084S001UkxWeEYwa0YycitxeWhuSDFhQ293bGNoWWl4WEM4a29DTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 288010
content-length: 0
expires: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame EB85 24 KB
8 KB 22ms
22ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bc4e9b14ba8f9e349071e9d19faab1a0465dc797d1d401babd1dc2aa2e054eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8479
content-type: text/html; charset=UTF-8
date: Sun, 28 May 2023 00:06:00 GMT
expires: Tue, 30 May 2023 00:06:00 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 /
onetag-sys.com/usync/ Frame 9470 0
0 7ms
7ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1685232357327

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 11D5 52 KB
17 KB 39ms
7ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 28 May 2023 00:06:00 GMT
ETag: "623de86a-cf34"
Expires: Mon, 29 May 2023 00:06:02 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2732 281 B
554 B 7ms
7ms Document
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 May 2023 00:06:00 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 3B9E 9 KB
4 KB 34ms
7ms Document
text/html 13.32.99.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1685232000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-30.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85610
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 27 May 2023 00:19:11 GMT
etag: W/"fd0102e5847015626666169917857ba8"
last-modified: Wed, 12 Apr 2023 16:16:50 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id: aEO8kcj6aHX6wl8YiH87MUB1GQOmrzwRUvr3va0zTjPl2CJs5cmsKQ==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5: 9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256: 8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2732 34 KB
10 KB 8ms
7ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 056697ed15e390bb5d6013a6bae699c5cbe364bf06b2c957c8c7d3c8d84b8355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:06:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 11:40:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41697
Connection: keep-alive
Content-Length: 10084
Expires: Sun, 28 May 2023 11:40:57 GMT

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame EB85 35 B
296 B 211ms
166ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3282339588394923000V10&origin=1&flt=0
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 28 May 2023 00:06:00 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 186F 4 KB
2 KB 108ms
32ms Document
text/html 52.209.74.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.74.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-74-61.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bcefbbc0f8a1f61939edab637716178780fe29f93670393af33ea757bcef5224

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 28 May 2023 00:06:00 GMT
etag: W/"0a9ead79e6215a6618a4b79cce9e811c3"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 71B1 0
0 8ms
7ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame EC2F 716 B
966 B 97ms
18ms Document
text/html 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 883204807e945d6a19f8b9928edcb5a4433606979adcf31f843feed5d65514d5

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 716
content-type: text/html
date: Sun, 28 May 2023 00:06:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 1123 2 KB
2 KB 36ms
11ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 22b9fc54e8c82c294b4513f3e007e9bde6ea413a113e1698c173f791e83fba6b

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1819
Content-Type: text/html
Date: Sun, 28 May 2023 00:06:00 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C73C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

8ms
7ms

Document
text/html

23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 May 2023 00:06:00 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 28 May 2023 00:06:00 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 20F8 16 KB
6 KB 32ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=94680
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 28 May 2023 00:06:00 GMT
expires: Mon, 29 May 2023 02:24:00 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 3734 0
486 B 148ms
100ms Document
text/html 2600:9000:223f:3600:1f:4c18:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3600:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Sun, 28 May 2023 00:06:00 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id: BJ9dyBIDncZjPjh2TlaluECmdbpQG0gVuwddQPhd8qvJdIUvxUOQag==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame C152 0
160 B 53ms
14ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sun, 28 May 2023 00:06:00 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame B12F 0
329 B 322ms
102ms Document
text/html 3.229.221.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.221.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-221-86.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Sun, 28 May 2023 00:06:01 GMT
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=5406120377368137467

0
344 B

31ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=5406120377368137467
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Sun, 28 May 2023 00:06:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6ddaa55e-b428-481e-8cb1-941107a929f4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=5406120377368137467
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=Gt9mrRZHp55ytvBjTP2xY7Cm

0
350 B

29ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=Gt9mrRZHp55ytvBjTP2xY7Cm
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=Gt9mrRZHp55ytvBjTP2xY7Cm
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 3B9E 0
277 B 18ms
14ms Image
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 28 May 2023 00:06:00 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1685232360808
https://ad.turn.com/r/cs?pid=45&rndcb=1734776722
https://sync.1rx.io/usersync/turn/8652146884359079182?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003
https://ads.servenobid.com/sync?pid=321&uid=RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003

0
361 B

30ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003
date: Sun, 28 May 2023 00:06:01 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX381267b1276a4dca8eb37ab83a4ca641003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5134455419384659236

0
345 B

30ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5134455419384659236
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5134455419384659236
Date: Sun, 28 May 2023 00:06:00 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 3B9E 0
500 B 395ms
93ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-139
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 0
prebid.a-mo.net/cchain/ Frame 3B9E 0
109 B 78ms
14ms Image
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A

0
366 B

29ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A
date: Sun, 28 May 2023 00:06:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-7b38cc84-a6a0-3b71-9039-70e214cc36c1

0
358 B

29ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-7b38cc84-a6a0-3b71-9039-70e214cc36c1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:01 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-7b38cc84-a6a0-3b71-9039-70e214cc36c1
pragma: no-cache
date: Sun, 28 May 2023 00:06:01 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A

0
366 B

30ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A
date: Sun, 28 May 2023 00:06:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 3B9E 0
359 B 10ms
7ms Image
text/plain 35.157.25.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.25.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-25-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 3B9E
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

29ms
29ms

Image
image/avif

63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sun, 28 May 2023 00:06:00 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Sun, 28 May 2023 00:06:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 11D5 0
863 B 21ms
14ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
AN-X-Request-Uuid: c9f95514-d3e1-47fe-88cd-639c1525b0a9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 20F8 3 KB
3 KB 67ms
15ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54177539&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: c08f660a95b1cc8521a6366708ed88e3774985c10939c2cf35f32e534de8304b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 28 May 2023 00:06:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1123
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZHKa5tzRYLZfjMtOWmTNwAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMlik9lDL_7IDS29bE9Cyck&google_cver=1

43 B
632 B

18ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMlik9lDL_7IDS29bE9Cyck&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMlik9lDL_7IDS29bE9Cyck&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 1123 43 B
855 B 109ms
108ms Image
image/gif 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHKa5tzRYLZfjMtOWmTNwAAADNYAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MJQAC20CS7P42K1C3NX1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1123 70 B
264 B 36ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1123
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHKa5tzRYLZfjMtOWmTNwAAADNYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw3jQaLU6hU-hKncVH0fhg&google_cver=1

43 B
632 B

19ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw3jQaLU6hU-hKncVH0fhg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEw3jQaLU6hU-hKncVH0fhg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 1123 0
75 B 52ms
17ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1123
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e7026472-9ae5-4401-9cbe-7a98e6149dc1

43 B
632 B

20ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e7026472-9ae5-4401-9cbe-7a98e6149dc1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Sun, 28 May 2023 00:06:00 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x4 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e7026472-9ae5-4401-9cbe-7a98e6149dc1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 May 2023 00:05:59 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1123
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210825224141390

43 B
632 B

19ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210825224141390
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210825224141390
Date: Sun, 28 May 2023 00:06:00 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 ZHKa5tzRYLZfjMtOWmTNwAAADNYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1123 43 B
600 B 36ms
33ms Image
image/gif 2a05:d018:d29:3601:cc5:dc1b:2834:9d22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZHKa5tzRYLZfjMtOWmTNwAAADNYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:cc5:dc1b:2834:9d22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
ads.servenobid.com/ Frame 1123 0
357 B 30ms
29ms Image
image/avif 63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZHKa5tzRYLZfjMtOWmTNwAAADNYAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C73C 34 KB
10 KB 8ms
7ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 056697ed15e390bb5d6013a6bae699c5cbe364bf06b2c957c8c7d3c8d84b8355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:06:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 11:40:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41697
Connection: keep-alive
Content-Length: 10084
Expires: Sun, 28 May 2023 11:40:57 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame EC2F 0
344 B 32ms
29ms Image
image/avif 63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=4049060541653575330&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame EC2F
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4049060541653575330&gdpr=0&gdpr_consent=

43 B
855 B

149ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4049060541653575330&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:00 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F8422KQEP8Z79E6QAQFM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=4049060541653575330&gdpr=0&gdpr_consent=
pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 9.gif
id5-sync.com/i/102/ Frame EC2F 43 B
1 KB 9ms
7ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 28 May 2023 00:06:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame EC2F
Redirect Chain

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=uij8X7V9rlWheKhcuS_mD-4lqAihKfoLvS31zyrV

43 B
113 B

25ms
19ms

Image
image/gif

185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=uij8X7V9rlWheKhcuS_mD-4lqAihKfoLvS31zyrV
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=uij8X7V9rlWheKhcuS_mD-4lqAihKfoLvS31zyrV
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

p
a.audrte.com/ Frame EC2F
Redirect Chain

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDFmQzZKZVloNXlTdUMtRmlUdXlqb29tQQ==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZH...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDAxZkM2SmVZaDV5U3VDLUZp...
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
https://a.audrte.com/a?adform_uid=2307736630812145290&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=01fHTUp1NO6ROK5GmdECwwf7g&gdpr=0&gdpr_consent=&redirurl=http%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM5019916...
https://a.audrte.com/match?uid=4049060541653575330&p=M501991648&r=http%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
https://a.audrte.com/p?

68 B
463 B

191ms
190ms

Image
image/png

18.66.97.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p?
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 18.66.97.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-115.fra56.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server: nginx/1.18.0
x-amz-cf-pop: FRA56-P2
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
content-length: 68
x-amz-cf-id: NFdInxiYbcB8lZja8tOKvGEmV-05UqNmwT90LVqa1BoRduPRgd0HbQ==

Redirect headers

date: Sun, 28 May 2023 00:06:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server: nginx/1.18.0
x-amz-cf-pop: FRA56-P2
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
location: http://a.audrte.com/p?
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: P36neLxm1RXlkt0g6XLRnq3FV6G1yPru-jBrO9WU-c3DLB1aXSJjlQ==

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C73C 0
239 B 418ms
97ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LI6NU16A-25-XAT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=5406120377368137467

35 B
250 B

143ms
34ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=5406120377368137467
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Sun, 28 May 2023 00:06:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4b06eca9-b122-40dd-9977-e2be6383cc52
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=5406120377368137467
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&gdpr=0&gdpr_consent=&us_privacy=1---
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=283&user_id=e1e5e2d3-6a69-46dc-b7fa-23a73277d789&expires=1&user_group=5&ssp=gumgum2&bsw_param=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&gdpr_pd=
https://usersync.gumgum.com/usersync?b=bsw&i=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&us_privacy=

35 B
250 B

77ms
28ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=7a9a65ad-ae90-414e-9142-8941316d6ef1&gdpr=0&gdpr_consent=&us_privacy=
date: Sun, 28 May 2023 00:06:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-e3e1ac07-27ef-526c-5716-b5256910c2dc$ip$185.213.155.141

35 B
250 B

34ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-e3e1ac07-27ef-526c-5716-b5256910c2dc$ip$185.213.155.141
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-e3e1ac07-27ef-526c-5716-b5256910c2dc$ip$185.213.155.141
Date: Sun, 28 May 2023 00:06:01 GMT
Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=yZQYHMNNKy1XU0Tbly95&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26K2KFMUQTKOJZFXSMKYKUYFIYTMPE4TK...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=yZQYHMNNKy1XU0Tbly95&us_privacy=1---

35 B
250 B

33ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=yZQYHMNNKy1XU0Tbly95&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=yZQYHMNNKy1XU0Tbly95&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=mkmFGVWhP4WL&ev=1&pid=558355

35 B
250 B

33ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=mkmFGVWhP4WL&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=mkmFGVWhP4WL&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5c88bf657c-tblm2
expires: -1

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 186F
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&obuid=ENC(x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl...
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
https://creativecdn.com/cm-notify?pi=outbrain&obUid=x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=zWmv2AMEIKjLEuWMpWa2&pi=outbrain&obUid=x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl&gdpr=0&gdpr_consent=%24CONSNT_STRING&us_...

0
145 B

91ms
90ms

Image
text/plain

70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=zWmv2AMEIKjLEuWMpWa2&pi=outbrain&obUid=x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl&gdpr=0&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=platform
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: no-cache
X-TraceId: dc9e502b9a9fd3631292a307def4e6a1
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=zWmv2AMEIKjLEuWMpWa2&pi=outbrain&obUid=x_HQ64PTiqKFUu31EKyD9utag-fEZDQHbG3JGp8O5bh2byM2ZLtTQgGyGuO2iEGl&gdpr=0&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=platform
pragma: no-cache
date: Sun, 28 May 2023 00:06:01 GMT, Sun, 28 May 2023 00:06:01 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=41811d45-0e71-4714-992f-444807679486

35 B
250 B

85ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=41811d45-0e71-4714-992f-444807679486
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Sun, 28 May 2023 00:06:00 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=41811d45-0e71-4714-992f-444807679486
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-ZB7R30pE2pe80y581.T2fhf_ELWJLD3DHzZ6~A

35 B
250 B

83ms
28ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-ZB7R30pE2pe80y581.T2fhf_ELWJLD3DHzZ6~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Sun, 28 May 2023 00:06:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-ZB7R30pE2pe80y581.T2fhf_ELWJLD3DHzZ6~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=b18dea77-a6d3-4127-b677-ba77b6c8a675

35 B
250 B

29ms
28ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=b18dea77-a6d3-4127-b677-ba77b6c8a675
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=b18dea77-a6d3-4127-b677-ba77b6c8a675
Date: Sun, 28 May 2023 00:06:01 GMT
Connection: keep-alive
X-CI-RTID: 0521c853-1684-415f-baff-68ac9a498267
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=GDPR

35 B
250 B

35ms
34ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Sun, 28 May 2023 00:06:01 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 794626875
location: https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true
content-length: 0

GET
H2 200 142
match.deepintent.com/usersync/ Frame 186F 0
44 B 305ms
94ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=ec5c77f9-dc7d-48ef-a716-f8faa0f01c90

35 B
250 B

93ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=ec5c77f9-dc7d-48ef-a716-f8faa0f01c90
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=ec5c77f9-dc7d-48ef-a716-f8faa0f01c90
access-control-allow-origin: *
date: Sun, 28 May 2023 00:06:00 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 186F
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=4049060541653575330

35 B
250 B

101ms
28ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=4049060541653575330
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=4049060541653575330
date: Sun, 28 May 2023 00:06:00 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 186F 0
357 B 45ms
29ms Image
image/avif 63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 400
Bad Request user-sync Show response
sync.adkernel.com/ Frame 9999 22 B
192 B 66ms
14ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 22
Date: Sun, 28 May 2023 00:06:00 GMT
Pragma: no-cache
Server: nginx

GET e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame D1C9 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2A87 16 KB
6 KB 17ms
6ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=94680
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 28 May 2023 00:06:00 GMT
expires: Mon, 29 May 2023 02:24:00 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 1771 70 B
264 B 42ms
32ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 28 May 2023 00:06:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame EE61
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=

35 B
250 B

76ms
29ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:00 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:00 GMT
Expires: Sun, 28 May 2023 00:05:59 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master zrh-pixel-x31 config_version:"unknown"
location: https://usersync.gumgum.com/usersync?b=mmh&i=e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 10E8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZHKa6AANZFcxZQBa
https://usersync.gumgum.com/usersync?b=atm&i=ZHKa6AANZFcxZQBa&gdpr=0&gdpr_consent=&_test=ZHKa6AANZFcxZQBa

35 B
250 B

28ms
28ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZHKa6AANZFcxZQBa&gdpr=0&gdpr_consent=&_test=ZHKa6AANZFcxZQBa
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:01 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 28 May 2023 00:06:01 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZHKa6AANZFcxZQBa&gdpr=0&gdpr_consent=&_test=ZHKa6AANZFcxZQBa
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230135-FRA
x-timer: S1685232361.039667,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 0A5D 170 B
188 B 50ms
46ms Document
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMDcwNTBlYS0zMTVlLTQxYjItOGVlMS0zYTMxYmM1YWQ3NzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:06:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame F420
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZHKa6cCo5ssAAKe8xJAAAAAA

35 B
250 B

33ms
33ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZHKa6cCo5ssAAKe8xJAAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:01 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Sun, 28 May 2023 00:06:01 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZHKa6cCo5ssAAKe8xJAAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 41
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad34.dc4p.scaleout.jp
X-SO-IP: 185.213.155.141
X-SO-Key: ZHKa6cCo5ssAAKe8xJAAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZHKa6cCo5ssAAKe8xJAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad34"}
X-SO-LB-Hostname: a-tgng40007.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad34

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 3A22
Redirect Chain

https://cs.admanmedia.com/sync/gumgum?puid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
https://usersync.gumgum.com/usersync?b=aad&i=61dcd3de-6347-42c6-96f2-db0d0787e501

35 B
250 B

35ms
35ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=61dcd3de-6347-42c6-96f2-db0d0787e501
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:01 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Sun, 28 May 2023 00:06:01 GMT
Expires: 0
Location: https://usersync.gumgum.com/usersync?b=aad&i=61dcd3de-6347-42c6-96f2-db0d0787e501
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame FD73 43 B
632 B 11ms
7ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:00 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame B612
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=zWmv2AMEIKjLEuWMpWa2&pi=gumgum&tc=1

35 B
250 B

41ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=zWmv2AMEIKjLEuWMpWa2&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:01 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 28 May 2023 00:06:00 GMT Sun, 28 May 2023 00:06:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=zWmv2AMEIKjLEuWMpWa2&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3D09
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

15ms
7ms

Document
text/html

23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 May 2023 00:06:00 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 28 May 2023 00:06:00 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BB30
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=

42 B
402 B

19ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:06:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:00 GMT
Expires: Sun, 28 May 2023 00:05:59 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master zrh-pixel-x31 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B9E1
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825224141390

42 B
423 B

63ms
15ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825224141390
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:06:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Sun, 28 May 2023 00:06:00 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825224141390
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 57DB
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

16ms
15ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:06:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 00:06:00 GMT
expires: Sun, 28 May 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 712599
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E2AE
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2203260035567559171

42 B
274 B

16ms
16ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2203260035567559171
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:06:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2203260035567559171
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 3F7C 43 B
855 B 120ms
105ms Document
image/gif 67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=53544C99-45ED-49E4-A1E4-0671C2D599C3&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 28 May 2023 00:06:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: T2RHBV9APEWV5ECJADGT

GET
H2 200 sync Show response
ads.servenobid.com/ Frame 7A22 0
357 B 41ms
27ms Document
text/html 63.33.85.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/sync?pid=316&uid=53544C99-45ED-49E4-A1E4-0671C2D599C3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.85.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-85-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/html;charset=ISO-8859-1
date: Sun, 28 May 2023 00:06:00 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 20F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U1RMmUXtSeSh5AZxwtWZww%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

7ms
6ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=94680
accept-ranges: bytes
content-length: 5554
expires: Mon, 29 May 2023 02:24:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 20F8 49 B
264 B 52ms
26ms Image
image/gif 34.248.75.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53544C99-45ED-49E4-A1E4-0671C2D599C3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.75.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-75-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.49
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 20F8
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3003143263
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53544C99-45ED-49E4-A1E4-0671C2D599C3

0
284 B

57ms
20ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53544C99-45ED-49E4-A1E4-0671C2D599C3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
via: 1.1 google
last-modified: Sun, 28 May 2023 00:06:01 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=53544C99-45ED-49E4-A1E4-0671C2D599C3
date: Sun, 28 May 2023 00:06:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

p
a.audrte.com/ Frame 20F8
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=53544C99-45ED-49E4-A1E4-0671C2D599C3
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDFmSFRVcDFOTzZST0s1R21kRUN3d2Y3Zw==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIi...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=2307736630812145290&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119
https://a.audrte.com/p

68 B
463 B

99ms
99ms

Image
image/png

18.66.97.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 18.66.97.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-115.fra56.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server: nginx/1.18.0
x-amz-cf-pop: FRA56-P2
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
content-length: 68
x-amz-cf-id: uVwkXhh848NkZVFNexSQvP29laftGlU9eMqqouG2JBQpSON445cKXA==

Redirect headers

date: Sun, 28 May 2023 00:06:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server: nginx/1.18.0
x-amz-cf-pop: FRA56-P2
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
x-cache: Miss from cloudfront
location: http://a.audrte.com:80/p
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: QFqKyrdrd-u6H4GmrstskisEBS5I6Xat3x239b4zLgkYijAF_EY2Vg==

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 20F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTM1NDRDOTktNDVFRC00OUU0LUExRTQtMDY3MUMyRDU5OUMz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

19ms
18ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:06:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 20F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPbZTpSD-E-99I9HfeY4Fzg&google_cver=1

42 B
299 B

17ms
17ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPbZTpSD-E-99I9HfeY4Fzg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:06:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPbZTpSD-E-99I9HfeY4Fzg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 20F8 43 B
611 B 79ms
17ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 27 May 2023 00:06:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 20F8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2307736630812145290

42 B
321 B

16ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2307736630812145290
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 28 May 2023 00:06:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 00:06:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2307736630812145290
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 20F8 70 B
264 B 47ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 28 May 2023 00:06:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3D09 34 KB
10 KB 95ms
95ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 056697ed15e390bb5d6013a6bae699c5cbe364bf06b2c957c8c7d3c8d84b8355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 00:06:01 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 May 2023 11:40:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41696
Connection: keep-alive
Content-Length: 10084
Expires: Sun, 28 May 2023 11:40:57 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3D09 0
239 B 7ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LI6NU16A-25-XAT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 11D5 0
863 B 14ms
14ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 May 2023 00:06:01 GMT
AN-X-Request-Uuid: ad0f6666-a7d7-447f-b517-cf5c411cfd98
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 20F8 0
260 B 78ms
15ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:06:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.iqzone.com
URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=e_307050ea-315e-41b2-8ee1-3a31bc5ad775&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

128 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 20:52:48	Name: khaos Value: LI6NU16A-25-XAT
.rubiconproject.com/	1970-01-20 20:52:48	Name: audit Value: 1\|naVuGyos1qre2xLJkbPjBz5APvdogVCbaTd6KyMQnau+SmvwaNDOnvec9EybTg3Atjr9BQ320rs+/UJ4kF6/1In0kEOGVL/NTCnSCuDd+RA=
.adnxs.com/	1970-01-20 14:16:48	Name: icu Value: ChgIvahBEAoYASABKAEw5bXKowY4AUABSAEQ5bXKowYYAA..
.adnxs.com/	1970-01-20 14:16:48	Name: uuid2 Value: 5406120377368137467
.criteo.com/	1970-01-20 21:28:48	Name: uid Value: f1730c37-afa8-4c3a-a7b0-59d45cd810c5
.wheregoes.com/	1970-01-20 21:28:48	Name: __gads Value: ID=0acf0a1d7a5a231e:T=1685232357:RT=1685232357:S=ALNI_MaljO4r4Aoeg5y_3g9ADDcB6cNCIw
.wheregoes.com/	1970-01-20 21:28:48	Name: __gpi Value: UID=00000c28e8667370:T=1685232357:RT=1685232357:S=ALNI_MZWJuj5fMmBpfd1MyZpbClj7WIxKQ
.mathtag.com/	1970-01-20 20:52:48	Name: uuid Value: e7026472-9ae5-4401-9cbe-7a98e6149dc1
.redintelligence.net/	1970-01-20 14:16:48	Name: 8lcfmzhxc8d6_uid Value: c069c174d43c6b87
.doubleclick.net/	1970-01-20 21:28:48	Name: IDE Value: AHWqTUnb-qbx07950nRUmhvQAfWsyAwvvQreSH2unNLLmLdDFrc66wU5dI3fD4KVshI
.adnxs.com/	1970-01-20 14:16:48	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E?ctu#O!!]tbPl@/D!9hy6]/CwiOj4k9%7l!2?dXT%d2dQn!@F!)$[`SociU(Qv7%3`o4[QV%C2]Hj?nF@WbpRzqF1`*bbK@+]'2%
.bidswitch.net/	1970-01-20 20:52:48	Name: tuuid Value: 7a9a65ad-ae90-414e-9142-8941316d6ef1
.bidswitch.net/	1970-01-20 20:52:48	Name: c Value: 1685232358
.bidswitch.net/	1970-01-20 20:52:48	Name: tuuid_lu Value: 1685232358
.tradedoubler.com/	1970-01-20 20:52:48	Name: PI Value: 1z11z1z11HzA4wVbz7ab3y1y21FmOy1FRDyyy7WPTyvUky2L4S3IyyE._%7ajr%79%7aP%797k5W7vJm%79OJHn3%79f1aD0XIHX%79pt8BGQTd6Eh5SqhQWk8By
.tradedoubler.com/	1970-01-20 20:52:48	Name: UI Value: 1z11zz11HzoCaOUztbDyOuP5
.id5-sync.com/	1970-01-20 12:07:12	Name: cf Value:
.id5-sync.com/	1970-01-20 12:07:12	Name: cip Value:
.id5-sync.com/	1970-01-20 12:07:12	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:07:12	Name: car Value:
.id5-sync.com/	1970-01-20 12:07:12	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:07:12	Name: callback Value:
.yahoo.com/	1970-01-20 20:53:09	Name: A3 Value: d=AQABBOaacmQCEDAJRfqK0-pt74_qK0zSDlkFEgEBAQHsc2R8ZAAAAAAA_eMAAA&S=AQAAAsj3QoiVVIWizNq15yvlzaU
.casalemedia.com/	1970-01-20 20:52:48	Name: CMID Value: ZHKa5tzRYLZfjMtOWmTNwAAA
.casalemedia.com/	1970-01-20 14:16:48	Name: CMPS Value: 3286
.casalemedia.com/	1970-01-20 14:16:48	Name: CMPRO Value: 3286
.awin1.com/	1970-01-20 12:17:17	Name: awpv14098 Value: 296283\|1685232358\|6c4eefa0-fceb-11ed-89a2-223974343f8d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 429086:2519595
.linkedin.com/	1970-01-20 20:52:48	Name: bcookie Value: "v=2&1634d485-ee73-41f0-864c-3fd3f2456fc4"
.linkedin.com/	1970-01-20 16:26:24	Name: li_gc Value: MTswOzE2ODUyMzIzNTg7MjswMjGcpWvvsz/UtNYr5yxegletywLYL5sdKv6mGz5EOLph3g==
.linkedin.com/	1970-01-20 12:08:38	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2914:u=1:x=1:i=1685232358:t=1685318758:v=2:sig=AQEjXAco2WwoDcly7zW8LYnYZxSvi-s_"
exchange.mediavine.com/	1970-01-20 12:27:21	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%226c55f480-fceb-11ed-a8dd-8d1458966243%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:27:21	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226c55f480-fceb-11ed-a8dd-8d1458966243%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:27:21	Name: am_tokens Value: %7B%22mv_uuid%22%3A%226c55f480-fceb-11ed-a8dd-8d1458966243%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:27:21	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%226c55f480-fceb-11ed-a8dd-8d1458966243%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:27:21	Name: criteo Value: %7B%22id%22%3A%22k-WNYZkQfyAxJKbFc1RE-gSZrbp9Di2a4veYORsw%22%2C%22version%22%3A%22criteo%22%7D
ads.smartstream.tv/	1970-01-20 20:52:48	Name: DID Value: 37b5d98dbf86cd0dbc521231bccf8460
ads.smartstream.tv/	1970-01-20 20:52:48	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 20:52:48	Name: permanent Value: 1
.demdex.net/	1970-01-20 16:26:24	Name: demdex Value: 09727902380578739743205425724324808878
.360yield.com/	1970-01-20 14:16:48	Name: tuuid Value: ec5c77f9-dc7d-48ef-a716-f8faa0f01c90
.360yield.com/	1970-01-20 14:16:48	Name: tuuid_lu Value: 1685232358
.pubmatic.com/	1970-01-20 12:50:24	Name: KRTBCOOKIE_97 Value: 3385-uid:k-W25k2AfyAxJKbFc1RE-gSZrbp9BO-ll76F2JLQ&KRTB&23144-uid:k-W25k2AfyAxJKbFc1RE-gSZrbp9BO-ll76F2JLQ&KRTB&23286-uid:k-W25k2AfyAxJKbFc1RE-gSZrbp9BO-ll76F2JLQ&KRTB&23287-uid:k-W25k2AfyAxJKbFc1RE-gSZrbp9BO-ll76F2JLQ
.sxp.smartclip.net/	1970-01-20 12:50:24	Name: uuid Value: da8e4453-e69a-7264-724c-518af7c5dcde
cm.adsafety.net/	1970-01-20 20:52:48	Name: UID Value: CM120230528007a229f6d05e3ebca3ed
.adsafety.net/	1970-01-20 20:52:48	Name: cm_uid Value: CM120230528007a229f6d05e3ebca3ed
cm.adsafety.net/	1970-01-20 20:52:48	Name: cache0 Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvZzY3UldZclBuVklORDMxeWpQZkZzRjBCZkJUVE8zcjhyMmZMbEx4ZFVrOUsrSDhaamhtSGlYMFpPeUx6SU5zN0kreUtMeTRjandSQzZtSzlVNklyUGkydUUxTnJLdUJXSjZTVzNMVytGRWRLNHpmR2VJdVcvYStrZzRmUUpBRytnaERUdy9oOGJhaVNSNGpXU2JuU0JVSmkwSmVXSlYybFZVV0NZN0o0K2hQeVVjMjd1bWQwcTB0SXhUcTZ2T0dackw5YjdRYnFoMElRcUJRdHBjOWJ4blR4RXkxK29Ma1VNWG0zS0E5MFQ2dENaSDNVSzBDakZsVnJoM1pvdHlxNUhkNEpiUExSL0doVWtiTEs2d3NPN2JFRHBKMXgyVG15bDlOM2d0cGdpbmluVExUcmZiU1kvMTcxcFBjRkFXTWNRPT0%3D
.dpm.demdex.net/	1970-01-20 16:26:24	Name: dpm Value: 09727902380578739743205425724324808878
.360yield.com/	1970-01-20 14:16:48	Name: um Value: !38,BMVp9qzZ5DhliB.TzUP53nJ0F7BtHSqENNAODbVMLbBM46kSPJF9zAyexouiobSFjsFD7b5P,1693008358
.360yield.com/	1970-01-20 14:16:48	Name: umeh Value: !38,0,1747440358,-1
.sxp.smartclip.net/	1970-01-20 12:50:24	Name: dspuuid Value: 10.CAESEMUssBwJyInKUuD7ZSjswvI
.sxp.smartclip.net/	1970-01-20 12:50:24	Name: psyn Value: 19505.10
.amazon-adsystem.com/	1970-01-20 21:43:12	Name: ad-privacy Value: 0
.krxd.net/	1970-01-20 16:26:24	Name: _kuid_ Value: PlJPIcDp
.office-partner.de/	1970-01-20 21:43:12	Name: source Value: {"webgains_webgains":{"timestamp":1685232358631,"clickCookie":false}}
.tremorhub.com/	1970-01-20 20:53:09	Name: tvid Value: e05ca4e892d1411897991a24dad34abf
.tremorhub.com/	1970-01-20 12:50:24	Name: tv_UICR Value: k-4fK3vwfyAxJKbFc1RE-gSZrbp9Cv2f2CL2E6_g
.amazon-adsystem.com/	1970-01-20 17:21:07	Name: ad-id Value: A4e88StAbEMBn4jwTpAEfwo
.wheregoes.com/	1970-01-20 21:28:48	Name: cto_bundle Value: No680F9scEZ2JTJCJTJGTU4zNVdybTZNZWRubXlKVEVMOFp1RyUyQmJHcDJ0QmdhVm12bmFoQlhXZlpBQnFkM2lOUkUzJTJCczZONURGJTJCQ0haQ1lTZVNpUjg1TWNhVmM0Y0FwZnBGQm91bWZPelJIV2dwMHhmNlNXS2tMJTJGVEoyZVhwTFlLbXd1RlJYaWdwNmhydlVJdnpVMUclMkJJVHFPdE95USUzRCUzRA
match.sharethrough.com/	1970-01-20 12:17:17	Name: AWSALBCORS Value: etn9SHOAUrKAdtiZN0moiD1RIzT7rBi/CqMtBIUOBlN4qImbkDSfINwPQlgOoUhkw9Xi7NYdra/Z0OgUVjz6wn084jlMmbf58hJFw+SZQij5p6KYy9poSu4lS9oW
.analytics.yahoo.com/	1970-01-20 20:52:48	Name: IDSYNC Value: "18zh~2bw0:198o~2bw0"
.ads.pubmatic.com/	1970-01-20 12:08:38	Name: KCCH Value: YES
.servenobid.com/	1970-01-20 12:17:17	Name: pid_337 Value: y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A
.servenobid.com/	1970-01-20 12:17:17	Name: pid_339 Value: y-vTmGZ5pE2uEpmmG1o0mGKs4Fic_OrrDmvN5MaMM-~A
.servenobid.com/	1970-01-20 12:17:17	Name: pid_312 Value: 5406120377368137467
.lijit.com/	1970-01-20 20:52:48	Name: ljt_reader Value: Gt9mrRZHp55ytvBjTP2xY7Cm
.media.net/	1970-01-20 20:52:48	Name: data-pbs Value: setstatuscode~~1
.lijit.com/	1970-01-20 20:52:48	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-20 12:17:17	Name: pid_333 Value: ZHKa5tzRYLZfjMtOWmTNwAAADNYAAAAB
.smartadserver.com/	1970-01-20 21:37:26	Name: pid Value: 4049060541653575330
.gumgum.com/	1970-01-20 20:52:48	Name: vst Value: e_307050ea-315e-41b2-8ee1-3a31bc5ad775
.servenobid.com/	1970-01-20 12:17:17	Name: pid_353 Value: 0000EEA
.servenobid.com/	1970-01-20 12:17:17	Name: pid_310 Value: Gt9mrRZHp55ytvBjTP2xY7Cm
.rfihub.com/	1970-01-20 21:28:48	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjUyMgGyjS0NhPgMdd0NTDJdI7NzqyJ9sgGmrc3eJQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjUyMgGyjS0NhPgMdd0NTDJdI7NzqyJ9sgGmrc3eJQAAAA
.pubmatic.com/	1970-01-20 20:52:48	Name: KADUSERCOOKIE Value: 53544C99-45ED-49E4-A1E4-0671C2D599C3
.pubmatic.com/	1970-01-20 14:16:48	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 12:08:38	Name: pi Value: 162412:2
.pubmatic.com/	1970-01-20 14:16:48	Name: DPSync3 Value: 1686441600%3A201_245_241_235
.pubmatic.com/	1970-01-20 14:16:48	Name: SyncRTB3 Value: 1686441600%3A220_21_56_54_46_161_13_7_251%7C1686528000%3A35
.servenobid.com/	1970-01-20 12:17:17	Name: pid_317 Value: 4049060541653575330
.servenobid.com/	1970-01-20 12:17:17	Name: pid_324 Value: 5134455419384659236
.quantserve.com/	1970-01-20 14:16:48	Name: d Value: EEoBDQGMKYir0QA
.quantserve.com/	1970-01-20 21:37:26	Name: mc Value: 64729ae8-dc153-bb9ce-51f11
.turn.com/	1970-01-20 16:26:24	Name: uid Value: 8652146884359079182
.servenobid.com/	1970-01-20 12:17:17	Name: pid_309 Value: e_307050ea-315e-41b2-8ee1-3a31bc5ad775
.rfihub.com/	1970-01-20 21:28:48	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFqZGxkbGZgaWTxC5lvYWYJADmWctEgAAAA
.1rx.io/	1970-01-20 20:52:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003%22%7D
.openx.net/	1970-01-20 20:52:48	Name: i Value: 6510866c-8fe3-40b5-a482-9c4dab10a63d\|1685232360
.pubmatic.com/	1970-01-20 14:16:48	Name: KRTBCOOKIE_27 Value: 16735-uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&KRTB&16736-uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&KRTB&23019-uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1&KRTB&23114-uid:e7026472-9ae5-4401-9cbe-7a98e6149dc1
.creativecdn.com/	1970-01-20 20:52:48	Name: u Value: zWmv2AMEIKjLEuWMpWa2
.creativecdn.com/	1970-01-20 20:52:48	Name: ts Value: 1685232360
.servenobid.com/	1970-01-20 12:17:17	Name: pid_316 Value: 53544C99-45ED-49E4-A1E4-0671C2D599C3
.nrich.ai/	1970-01-20 21:43:12	Name: _nauid Value: e1e5e2d3-6a69-46dc-b7fa-23a73277d789
.outbrain.com/	1970-01-20 14:16:48	Name: obuid Value: f287c8b6-ffd1-4e96-8a5d-44951241f809
.weborama.fr/	1970-01-20 21:33:07	Name: AFFICHE_W Value: FxLQ0OH0XIcX33
.pubmatic.com/	1970-01-20 14:16:48	Name: KRTBCOOKIE_18 Value: 22947-5141210825224141390
.simpli.fi/	1970-01-20 20:54:14	Name: suid Value: 37E8DC0F32344D38A7FF06336B6845B2
.pubmatic.com/	1970-01-20 14:16:48	Name: KRTBCOOKIE_80 Value: 16514-CAESEPbZTpSD-E-99I9HfeY4Fzg&KRTB&22987-CAESEPbZTpSD-E-99I9HfeY4Fzg&KRTB&23025-CAESEPbZTpSD-E-99I9HfeY4Fzg&KRTB&23386-CAESEPbZTpSD-E-99I9HfeY4Fzg
.targeting.unrulymedia.com/	1970-01-20 20:52:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003%22%7D
.de17a.com/	1970-01-20 20:45:36	Name: guid Value: 1.2203260035567559171
.adform.net/	1970-01-20 12:51:50	Name: C Value: 1
.everesttech.net/	1970-01-20 20:52:48	Name: everest_g_v2 Value: g_surferid~ZHKa6AANZFcxZQBa
.audrte.com/	1970-01-20 12:28:48	Name: arcki2 Value: 01fHTUp1NO6ROK5GmdECwwf7g!20220908!1685232360992!ip#185.213.155.141
.audrte.com/	1970-01-20 12:28:48	Name: arcki2_pubmatic Value: 53544C99-45ED-49E4-A1E4-0671C2D599C3!20220908!1685232360996
.servenobid.com/	1970-01-20 12:17:17	Name: pid_321 Value: RX-381267b1-276a-4dca-8eb3-7ab83a4ca641-003
.adform.net/	1970-01-20 13:33:36	Name: uid Value: 2307736630812145290
.pubmatic.com/	1970-01-20 12:50:24	Name: KRTBCOOKIE_336 Value: 5844-2203260035567559171
.pubmatic.com/	1970-01-20 12:50:24	Name: PugT Value: 1685232361
.pubmatic.com/	1970-01-20 12:50:24	Name: KRTBCOOKIE_391 Value: 22924-2307736630812145290&KRTB&23263-2307736630812145290&KRTB&23481-2307736630812145290
.disqus.com/	1970-01-20 20:52:48	Name: zeta-ssp-user-id Value: ua-7b38cc84-a6a0-3b71-9039-70e214cc36c1
.servenobid.com/	1970-01-20 12:17:17	Name: pid_346 Value: ua-7b38cc84-a6a0-3b71-9039-70e214cc36c1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85139\|ZHKa7
.admanmedia.com/	1970-01-20 12:27:21	Name: admtr Value: 61dcd3de-6347-42c6-96f2-db0d0787e501
.admanmedia.com/	1970-01-20 12:27:21	Name: ac_r Value: CS71
.technoratimedia.com/	1970-01-20 21:43:12	Name: tads_uid Value: GDPR
.audrte.com/	1970-01-20 12:28:48	Name: arcki2_ddp2 Value: 01fHTUp1NO6ROK5GmdECwwf7g!20220908!1685232361152
.zemanta.com/	1970-01-20 20:52:48	Name: zuid Value: yZQYHMNNKy1XU0Tbly95
sync.srv.stackadapt.com/	1970-01-20 20:52:48	Name: sa-user-id Value: s%3A0-e3e1ac07-27ef-526c-5716-b5256910c2dc.vTsgVkp347FPHK8WjQ%2Fr7SWS3fmO2NGzlPRMhVw42z0
sync.srv.stackadapt.com/	1970-01-20 20:52:48	Name: sa-user-id-v2 Value: s%3A4-GsByfvUmxXFrUlaRDC3LnVm40.r80UlND0T0y%2F%2BngkLk9c3298A3VmB8l8Jq%2FinD6UCos
.srv.stackadapt.com/	1970-01-20 20:52:48	Name: sa-user-id-v2 Value: s%3A4-GsByfvUmxXFrUlaRDC3LnVm40.r80UlND0T0y%2F%2BngkLk9c3298A3VmB8l8Jq%2FinD6UCos
.ipredictive.com/	1970-01-20 20:52:48	Name: cu Value: b18dea77-a6d3-4127-b677-ba77b6c8a675\|1685232361243
.audrte.com/	1970-01-20 12:28:48	Name: arcki2_adform Value: 2307736630812145290!20220908!1685232361280
.smartadserver.com/	1970-01-20 20:54:14	Name: csync Value: 135:TAM_OK\|141:01fHTUp1NO6ROK5GmdECwwf7g
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 207b7eb91e29795b
.audrte.com/	1970-01-20 12:28:48	Name: arcki2_smart Value: 4049060541653575330!20220908!1685232361397
.bluekai.com/	1970-01-20 16:32:09	Name: bku Value: ikG99mZSzZEkie6u
.bluekai.com/	1970-01-20 16:32:09	Name: bkpa Value: KJhz0X+mQ69D9BYFZKfbTavGnGiokZaQ8QTQxy4Rsa8HDkGqciqT2zSBY2z7jp+tDfLa6pQXwcVBLhHhpkOvFCCjrkBPFphS3ba+rLc8Zvqfu1yM9D39PLSTlmgB5lL+qNm83EIFOmQX+LmTlsGY+mg72kJtOsC527NPNo44j2vsZY48e1p47hEpLXutC1JpyEhqC/ijaNoYGQDSCeoJuddpQlRM9UMVYHRiH8kbnbjiZBgbfyVvTVFmlYi/luJPRcwQaBBRXE9GSJRQplZSDp2UsnkfhxBNeZVDc4z3Y/+RKljQKS8mxwig2IRImnFPwnf5CIbggO4cVvdUwy19B1o5fy==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	(Line 1) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://s0.2mdn.net/sadbundle/4158533142830104492/index.html Message: <link rel=preload> has an invalid `href` value
network	error	URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1--- Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53544C99-45ED-49E4-A1E4-0671C2D599C3&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.twiago.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
adservice.google.com
adservice.google.de
adv.office-partner.de
ams3-ib.adnxs.com
analytics.webgains.io
ap.lijit.com
api.fouanalytics.com
api.webgains.io
b1sync.zemanta.com
b46f4489daff66e06603ea6e52980509.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c1.adform.net
c21lg-d.media.net
cat.fr3.eu.criteo.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.iqzone.com
csm.eu.criteo.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900029.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
img.tradedoubler.com
impfr.tradedoubler.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.thebrighttag.com
s.w.org
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.crwdcntrl.net
tags.mathtag.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
wheregoes.com
widget.fr3.eu.criteo.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cs.iqzone.com
104.111.217.14
104.111.217.42
13.224.189.31
13.248.245.213
13.32.99.30
138.201.64.38
141.226.228.48
141.95.33.111
142.250.184.226
142.250.185.98
147.75.84.158
151.101.2.49
151.139.128.10
167.172.55.208
169.197.150.8
178.250.1.11
178.250.7.11
178.250.7.9
18.130.160.192
18.135.173.74
18.66.147.52
18.66.97.115
185.184.8.90
185.255.84.150
185.255.84.152
185.29.132.242
185.29.132.245
185.64.190.80
185.64.191.210
185.80.39.216
185.86.138.152
185.86.139.93
185.89.210.101
185.89.210.122
185.89.210.90
192.0.77.48
193.0.160.131
193.135.9.125
198.47.127.19
198.47.127.20
2.18.233.201
2.18.235.93
2001:678:cb4:bbbb::11
202.241.208.54
213.155.156.182
213.19.147.45
216.52.2.16
216.52.2.6
217.79.187.69
23.35.228.23
23.35.236.188
23.35.236.201
23.45.237.121
23.56.202.187
23.56.205.163
2600:1f18:612b:4200:92b3:de3:12af:b1c1
2600:9000:223f:3600:1f:4c18:bd40:93a1
2600:9000:2250:e600:a:e047:753:be1
2602:803:c003:200::27
2602:803:c003:200::41
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6816:3556
2606:4700:3035::ac43:b70e
2606:4700::6811:180e
2606:4700:e6::ac40:c626
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::13
2a02:2638:d::4
2a02:2638:d::a
2a02:2638:d::d
2a04:4e42::485
2a05:d018:d29:3601:cc5:dc1b:2834:9d22
2a0b:4d07:102::1
3.210.236.185
3.229.221.86
3.33.220.150
3.68.180.113
3.71.149.231
3.74.6.110
34.111.129.221
34.111.131.239
34.117.157.22
34.120.63.153
34.240.89.45
34.241.64.103
34.243.48.125
34.247.205.196
34.248.75.195
34.251.115.24
35.157.25.132
35.186.194.101
35.186.231.97
35.204.74.118
35.244.159.8
37.157.5.132
37.157.6.237
51.68.39.188
51.89.9.252
52.15.58.80
52.202.56.4
52.209.74.61
52.46.151.131
52.7.147.27
63.33.85.96
65.9.66.122
67.220.226.233
69.166.1.10
69.173.144.139
69.173.144.165
69.173.151.100
70.42.32.127
70.42.32.223
74.214.196.131
77.245.57.72
80.77.87.162
85.215.5.31
88.99.219.174
99.86.4.53
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
01b7b998e99b05601d73ef8ebfb320a8325552ecd5a0a90cc0189a2ed1e14e53
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
044431b9339043174ed3912016b6747243a1528056bdfe7fca4f5b5f057d91fe
056256f9cc39d668cd3ab7150c876cf203f2978466578fab3680be678a25cfaa
056697ed15e390bb5d6013a6bae699c5cbe364bf06b2c957c8c7d3c8d84b8355
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5
0a2f986297b063640a9411b055f436f995f37af478ae4c70434f32f335623217
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0f91b09ca01c28183f575dceafc26ec1af32be2affb67054a60b3bd309258343
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1510a77dfa07f5bc82c8c9fe3ca8ec9cfc3824145bc3f911f81907f81bc0ef40
1631266409512c5da7856d313ba096200549201f4826c2bc89a2198b1b524db4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19f0fe2f41dbdc3c3b096e94c04e6d0b40ce1c4c84e51677dd00f8174ca97731
19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852
1a69e1d38e393467eb4d58721bf36ede10f384a11de8daddd46e53fbf9e699cb
1a73f8a0ee18ff1878def45b81b14de934235357ce899fc580f510eae2cefb03
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
22b9fc54e8c82c294b4513f3e007e9bde6ea413a113e1698c173f791e83fba6b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269969fb552b8a45fe0deae2e349b06a28d64cfd197f5aa5c88802ae579e563b
26c0852383ebdaa27c96e567badd91da836ccdd5cccf3ec937295c142c449e5a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2c6242acef44a222fe1696540cee8f34d2f39b7d90c5957b24931e2578eb722a
2d02884af24c995359c68709e160d4989edbad8f69878e4aa9fe01c660a0e684
2d8ec22ed3d0609c918dea6e0cddf56c62e24b01d0aede67fd4c8f02a359246d
2d9fb017af918459b599da7e62b718250c644cba54ac9c18282a724b0482362b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb1340c2c035f2e93af346eefb0c76f8714bca0ce7385c8d6c3221a3565c587
3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ec5b19f92b121ae88d7dabc653ade87d85778cac8dd422ae698e419dee8c969
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bee4c9ecfc0a950454054b92dcaf73a46e469743e20b05c5f424c2131b7eade
4c0f87158de5042d109657192ae0ca3dad64601488662485d66cfc645d3fb060
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4cdebf6c612db7500d8ae8b16bad75f246c6edfc6438d077ab4d59137f70c6e0
4d0b038d49eadb39a5afb24f0d94ce74eccea9e23995d6c04c624304ea0d1318
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d658a8866f2060310848c16218d1e6be2ad7323f7200403f4a26ef21a5b436
52011324b0771e7d5f71e7740b2f32a08298df5ad0ad69645cdf314404cb2d0e
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558c8f12df464186445cf85c85961640703f0342be8b469eae1333939bf2d6b3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57043935a3503c7aff7dd3ee5f28f037147ca3f81cc4876f67a33ca14ac45dcb
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5849aeb82f7a353bf9e41805eb61ff7b34079ed7f1794355555ba1ed42ebf601
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5e513322d53e0e80a5bedad804e8319b1a9f726b8f7e8b1f1009260c02690fbd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ebe194116046467031ad535133f2e9e2294901d8d11714f4bf6d2904f1a1ab
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672dd353a874c1e40cc89e241661c599d43c2b83abd278c0b80b8087accbcb2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f49c94c221791c04cf09954b71cac2bb35793279047560b502fa8ae189d0281
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
703ff35b2c4a1e651357a455145c11a5f1e10522b9a1ed7307909a9aee6f7afb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7685fccd2f24dbec595b598c95fe95607acc6d0c2a0c56683b2c0a8f63271eab
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
82b49e0e57e1c4820eb7bbff67a483071672bab681259129292554b5b3c4ccda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8438847ce24fd71ccfc90631fdf8349ba4ef5c9a715a033e0473f4d0853068b6
85587148ca3afbbd2674193918a547b451eed394970bfe7fa5dd1e5be2b2e0f4
883204807e945d6a19f8b9928edcb5a4433606979adcf31f843feed5d65514d5
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
89a7d8c7d9cc2d954be3e4e6420a65bda5306db7beddf4c36b14df790909a9a8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d11c66d7f310f9aca74196892947d94e222f2ae0b36298d168002bf2431b5ce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a6a3bb54c20503e069b1d80078da9a75bb05d304a3e62c3e7d8d052bc49f0c2
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a40825f19dae4b870f5a3c411942fd8d5ab9e075cc99983b74f139fd4c856c4b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aabdfafa681a7cab14a3ab3382de35f87fa91dcbc153d76a00e71ff17afa8cbb
ab49a0c9123c7b64ff525f199becec33dee08582cc0f7b82ea9435b1f76ce9bb
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b2f37a5d48012b60d0912d3469d5d2e1557238e8b91695dbdfa4abf4519aae6e
b719f2c49c49fa2193af6e91f00ddb7e279b89c3681ff481c8998f4fec3f866d
ba747b154c136ed6792d43a15aea5dbcc4764666920d6b630231a12c98475547
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4e9b14ba8f9e349071e9d19faab1a0465dc797d1d401babd1dc2aa2e054eaa
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcefbbc0f8a1f61939edab637716178780fe29f93670393af33ea757bcef5224
be0cd36c7aae81d58d929850be4471dcfdae950c9c90f99f1b43e5ed38f82dda
c08f660a95b1cc8521a6366708ed88e3774985c10939c2cf35f32e534de8304b
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991
c8f2cd96c961c0d7f46f9da788bafb8c5d328af34afe637d3ab462b60687be8e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cd336cdb075c8c61a776a9239837fe679b747b292e906aa9b2aa171fc30aed69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
d8c1b80797dc2792cd87ecad812467323ae2c95ebb01da15cf5c93861e087d1f
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1d0dca3eb6e493e7a4168a4628dcc79ecce2fc33867bb7314b41e2f612772f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
eb69b0bb2bbc43b47c868b9f2dfbeb06e0764dff683b447985a73d8b01b3e7db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
fe6ace7f8cff4baae1e99312823acb0ff86c6c5125a27ae206c4111cda2564c9
ff9203317e7c9fbb07a67ce6a0965a5643e0f2c8153992ab783813cfa3890b39

wheregoes.com Open in urlscan Pro 2606:4700:3035::ac43:b70e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

282 Requests

80 %HTTPS

25 %IPv6

93 Domains

144 Subdomains

107 IPs

11 Countries

1754 kBTransfer

4309 kBSize

128 Cookies

1 Outgoing links

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

80 %
HTTPS

25 %
IPv6

93
Domains

144
Subdomains

107
IPs

11
Countries

1754 kB
Transfer

4309 kB
Size

128
Cookies

282 HTTP transactions
7 data transactions