www.wheresgeorge.com Open in urlscan Pro
2606:4700:20::681a:735 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.wheresgeorge.com/
Effective URL:
https://www.wheresgeorge.com/
Submission: On December 05 via manual (December 5th 2022, 5:05:29 am UTC) from US — Scanned from DE

Summary HTTP 207 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 36 domains to perform 207 HTTP transactions. The main IP is 2606:4700:20::681a:735, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wheresgeorge.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 19th 2022. Valid for: a year.

This is the only time www.wheresgeorge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	2606:4700:20:... 2606:4700:20::681a:735	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:206... 2600:9000:206f:6e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
3	63.33.230.145 63.33.230.145	16509 (AMAZON-02) (AMAZON-02)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	44.239.16.115 44.239.16.115	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.78.97 13.225.78.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:4000:a:e047:752:5701	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
3	3.226.37.73 3.226.37.73	14618 (AMAZON-AES) (AMAZON-AES)
1 18	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1 3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	23.35.228.210 23.35.228.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1	52.17.7.52 52.17.7.52	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
6	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
17	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.57.83.94 52.57.83.94	16509 (AMAZON-02) (AMAZON-02)
1	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
207	57

46 2606:4700:20::681a:735 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wheresgeorge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:6e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

didna-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.33.230.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-230-145.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.16.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-16-115.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4000:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.226.37.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-37-73.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.7.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.83.94 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-83-94.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	wheresgeorge.com 1 redirects www.wheresgeorge.com	1 MB
30	googlesyndication.com 1 redirects cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144 pagead2.googlesyndication.com — Cisco Umbrella Rank: 109	330 KB
23	adform.net track.adform.net — Cisco Umbrella Rank: 3622 s1.adform.net — Cisco Umbrella Rank: 7620	170 KB
13	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	245 KB
8	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	212 KB
8	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 238 cdn.adnxs.com — Cisco Umbrella Rank: 1430 fra1-ib.adnxs.com — Cisco Umbrella Rank: 7161	41 KB
8	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 533 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image8.pubmatic.com — Cisco Umbrella Rank: 661 image2.pubmatic.com — Cisco Umbrella Rank: 1051	67 KB
8	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1708 gw.geoedge.be — Cisco Umbrella Rank: 1971	276 KB
7	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1227	9 KB
7	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 539 as-sec.casalemedia.com — Cisco Umbrella Rank: 1681 dsum.casalemedia.com — Cisco Umbrella Rank: 1571 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588	4 KB
7	openx.net 1 redirects didna-d.openx.net — Cisco Umbrella Rank: 46739 oajs.openx.net — Cisco Umbrella Rank: 2928 google-bidout-d.openx.net — Cisco Umbrella Rank: 2864 u.openx.net — Cisco Umbrella Rank: 738	1 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 36764 hal900022.redintelligence.net — Cisco Umbrella Rank: 434466	7 KB
4	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 4132 pixel.mathtag.com — Cisco Umbrella Rank: 1081	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 242	25 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 429 mug.criteo.com — Cisco Umbrella Rank: 2441	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	143 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1107 id5-sync.com — Cisco Umbrella Rank: 476	18 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 498	2 KB
3	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1425	2 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1033	12 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 886	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 7113	238 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1271 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1050	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 436 fonts.googleapis.com — Cisco Umbrella Rank: 51	14 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 435	10 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2603	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 6331	2 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 2907	903 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 675	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3128	8 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 929	364 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 364	394 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7808	792 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 653	13 KB
207	36

	Domain	Requested by
46	www.wheresgeorge.com	1 redirects www.wheresgeorge.com
18	tpc.googlesyndication.com	1 redirects rumcdn.geoedge.be cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com tpc.googlesyndication.com
17	s1.adform.net	track.adform.net s1.adform.net www.wheresgeorge.com
10	securepubads.g.doubleclick.net	www.wheresgeorge.com securepubads.g.doubleclick.net rumcdn.geoedge.be
9	pagead2.googlesyndication.com	rumcdn.geoedge.be tpc.googlesyndication.com securepubads.g.doubleclick.net
7	c2shb.ssp.yahoo.com	www.wheresgeorge.com
6	track.adform.net	hal900022.redintelligence.net s1.adform.net
5	hal900022.redintelligence.net	1 redirects www.wheresgeorge.com rumcdn.geoedge.be hal900022.redintelligence.net
5	rumcdn.geoedge.be	www.wheresgeorge.com rumcdn.geoedge.be
4	fra1-ib.adnxs.com	rumcdn.geoedge.be cdn.adnxs.com
3	image8.pubmatic.com	2 redirects www.wheresgeorge.com
3	cdnjs.cloudflare.com	s1.adform.net
3	tags.mathtag.com	1 redirects www.wheresgeorge.com rumcdn.geoedge.be
3	gw.geoedge.be	rumcdn.geoedge.be
3	www.googletagservices.com	rumcdn.geoedge.be
3	cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
3	fastlane.rubiconproject.com	www.wheresgeorge.com
3	g2.gumgum.com	www.wheresgeorge.com
3	htlb.casalemedia.com	www.wheresgeorge.com
3	ib.adnxs.com	www.wheresgeorge.com
3	hbopenbid.pubmatic.com	www.wheresgeorge.com
3	didna-d.openx.net	www.wheresgeorge.com
3	prebid.a-mo.net	www.wheresgeorge.com
2	pm.w55c.net	2 redirects
2	dsum.casalemedia.com	2 redirects
2	www.google.com	1 redirects rumcdn.geoedge.be
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads.g.doubleclick.net	cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects rumcdn.geoedge.be
2	encrypted-tbn3.gstatic.com	cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
2	encrypted-tbn1.gstatic.com	cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
2	id5-sync.com	cdn.id5-sync.com www.wheresgeorge.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects www.wheresgeorge.com
2	www.google-analytics.com	www.wheresgeorge.com www.google-analytics.com
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	u.openx.net	www.wheresgeorge.com
1	dsum-sec.casalemedia.com	www.wheresgeorge.com
1	google-bidout-d.openx.net	rumcdn.geoedge.be
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	mug.criteo.com	www.wheresgeorge.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	cdn.adnxs.com	rumcdn.geoedge.be
1	pixel.mathtag.com	rumcdn.geoedge.be
1	hal9000.redintelligence.net	rumcdn.geoedge.be
1	encrypted-tbn2.gstatic.com	cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
1	www.gstatic.com	rumcdn.geoedge.be
1	cdn.jsdelivr.net	rumcdn.geoedge.be
1	cdn.prod.uidapi.com	rumcdn.geoedge.be
1	tags.crwdcntrl.net	rumcdn.geoedge.be
1	invstatic101.creativecdn.com	rumcdn.geoedge.be
1	cdn.id5-sync.com	rumcdn.geoedge.be
1	id.sharedid.org	rumcdn.geoedge.be
1	static.criteo.net	rumcdn.geoedge.be
1	oa.openxcdn.net	rumcdn.geoedge.be
1	as-sec.casalemedia.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	adservice.google.com	rumcdn.geoedge.be
1	adservice.google.de	rumcdn.geoedge.be
1	ads.pubmatic.com	www.wheresgeorge.com
1	js-sec.indexww.com	storage.googleapis.com
1	storage.googleapis.com	www.wheresgeorge.com
207	64

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
forums.wheresgeorge.com
www.cafepress.com
wheresgeorgerubberstamps.com
redfearn.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
gw.geoedge.be Amazon	`2022-09-12` - `2023-10-10`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.a-mo.net R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
id.sharedid.org Amazon	`2022-11-08` - `2023-12-07`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2022-11-02` - `2023-01-31`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA	`2022-01-02` - `2023-02-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.wheresgeorge.com/
Frame ID: BA43A1E4D24E4563E9E9385F4B6D0476
Requests: 113 HTTP requests in this frame

Frame: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C338492E0C8B7B168A51BB70E47303C1
Requests: 1 HTTP requests in this frame

Frame: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8546F29D1BD343FE46ACF58A4076DF3C
Requests: 18 HTTP requests in this frame

Frame: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F1FA50B010BBAA788E21A491FEB398D
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Frame ID: 538071EB130AA26D9CEC5F524F42AC31
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.wheresgeorge.com
Frame ID: 37AC3B43E86AC78848C9154E8CBCF805
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html
Frame ID: 93C837D5D6D7D35E2A8344ADBA3E7080
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 28E365CA76B66501BFF023488CA48B67
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: D1C1707EF789F1CCAEB2CA2D9DCCA387
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 19AE65B5A1C5469FCE8C0E1FBD54D435
Requests: 1 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a
Frame ID: 6B03538AF5F36E18556E8E06418FF8DF
Requests: 12 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/12063365/12063365.js?ADFassetID=12063365&bv=258
Frame ID: 990614F6DFFD34C29E3FDF793249187E
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BDEF6E972DD3D916723FAF5181BC7E52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 390C176B3E0D0A89742B241DC9F930CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Where's George? - Official Currency Tracking Project -

Page URL History Show full URLs

http://www.wheresgeorge.com/ HTTP 302
https://www.wheresgeorge.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

207
Requests

95 %
HTTPS

42 %
IPv6

36
Domains

64
Subdomains

57
IPs

9
Countries

2731 kB
Transfer

5786 kB
Size

44
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/WheresGeorge

Search URL Search Domain Scan URL

URL: http://twitter.com/wheresgeorge

Search URL Search Domain Scan URL

URL: http://forums.wheresgeorge.com/forumdisplay.php?56-WG-4-0-General-Discussion
Title: this forum

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/new-user-q-a-forum.3/
Title: New User/Q&A

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/main-wheres-george-forum.2/
Title: Main WG Discussion Forum

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php
Title: Forums Home Page

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/hit-celebration-user-profiles.4/
Title: Hit Celebration

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/two-dollar-bill-discussion.45/
Title: $2 Bill Discussion

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/western-usa.5/
Title: Western USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/midwest-usa.6/
Title: Midwest USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/north-east-mid-atlantic-usa.7/
Title: Northeast USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/south-eastern-usa.8/
Title: Southeast USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/bill-collecting-and-numismatics.9/
Title: Numismatic/Bill Collectors

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?categories/off-topic-discussions-wheres-george.10/
Title: Off-Topic Forums

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?whats-new/posts
Title: New Posts (all forums)

Search URL Search Domain Scan URL

URL: http://www.cafepress.com/wheresgeorge
Title: Store Home

Search URL Search Domain Scan URL

URL: https://wheresgeorgerubberstamps.com/
Title: WG Stamps

Search URL Search Domain Scan URL

URL: http://redfearn.co/
Title: Royce Redfern

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.wheresgeorge.com/ HTTP 302
https://www.wheresgeorge.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1

Request Chain 126

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnu4CQiQEQsAkYrAIyCBtUs27Roi6i HTTP 301
https://tpc.googlesyndication.com/simgad/9530445888032852924

Request Chain 137

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWkRka1pEQXlPVFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNTc4MTQ4MDA3MzIxMTQ1OTYvMTExNDc2MTMvMTI2NzM3MjAvMTMvYkFVb2hZTU1Yam15eG05aXdUazJOc2lldEhDazBrXzNLdHlWM3ZDOVd1QS8xLzEzLzAvMC8yMDI1MDkzLzE0MTA1NzYyOTMvMjE1NTQzLzEyNTEzNjYvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MDU3ODE0ODAwNzMyMTE0NTk2L2Ftcy8wLzM3NzEvOC85OTkvMjU4Lzg0LjE5LjE3NS4wLzAuMDAwLzE2NzAyMTY3MTkvMTY3MDIyOTMxOS8xMy84MjE5Lw/BeKgP-zI02QmY7lbTRcmCOSLkYw&nodeid=4014&group=cdg&auctionid=4057814800732114596&pbs_auctionid=4057814800732114596&shardkey=4057814800732114596&sid=12673720&cid=11147613&bp=a_bfcjdd&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.159&type=imp&client=c2s HTTP 302
https://tags.mathtag.com/ck-confirm?bid_id=4057814800732114596&node_id=4014&exch_id=13

Request Chain 148

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheresgeorge.com&sn=ChromeSyncframe&so=0&topUrl=www.wheresgeorge.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8jho53xOMkZDUHlhc1l3c3RBQks3L1BxaDd1T0pxcWQyWHJ2ZjFYb0VCbjFZdWtMcDVsdU5lQ2kwd0xBbWpUMi9xSmhkakZNSWJoRXRKWWlQYW1GbjFSTExTeFlqekxuK0ErcjZ4YWhqV2JuQms3Rllad3B2R25qbWpMMGZmak1xMGtwTjZQcEdoY2pLTGx3M1ZUSkJheEduMFZZcTlkYjVWWEJkSnBTdDRmdnk1UDlkRGpCOExBeVhVb3NzTS96SHBPK1BKcDhRZzVDT0J3T3U4UVFpaS84VENMVEhaWFE4andjOGI1dEY5VUZ0WG9tWjgxWXhPdURtaktidjBVVUc3b1dWRkhrWTJDZ1hiTDhKSC9GcjNYRUZaRHZvZ21pN3BSZFFYeXBidWZvK0JiZz18&cppv=2

Request Chain 149

https://hal900022.redintelligence.net/request.php?zone=w94lkllg5fwj&nw=20&renderingType=javascript&namespace=5dacd349ff&subid=&uid=77519b62c10252b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4057814800732114596%26mt_id%3D11147613%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Fwww.wheresgeorge.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wheresgeorge.com&random=9553477977293&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=w94lkllg5fwj&nw=20&renderingType=javascript&namespace=5dacd349ff&subid=&uid=77519b62c10252b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4057814800732114596%26mt_id%3D11147613%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Fwww.wheresgeorge.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wheresgeorge.com&random=9553477977293&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 197

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360263&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360263&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x8c2HxiA1P23Fp5&gdpr=0

Request Chain 199

https://image8.pubmatic.com/AdServer/ImgSync?p=159745 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUZBMzBGMDQtQTI5OC00MkQzLThDNzgtQUVCNzQ0NEY5RUY3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

207 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wheresgeorge.com/
Redirect Chain

http://www.wheresgeorge.com/
https://www.wheresgeorge.com/

32 KB
9 KB

518ms
474ms

Document
text/html

2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f7e583fbd484f79db863bd15a70eb5f8b111c517cf35b5cc11a261b1de0c0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 774a3ef4fba85bf9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 05:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8QbAmkvyJ1p%2F4vn2QAvTcQRIdZPXRRQVz%2B%2F%2FqLTAmujoVHoibPu1JtILZ1ehoRXkS%2FiseuKYIvBEP%2F%2FVBZcB%2BlS0Aa4eGxxWqocJJ0KxJi9w53Z5XIX%2BF5dGa27KO%2F%2Fg4m3sJzaLEMRcBYbONMtwAsS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 774a3ef07caa6919-FRA
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Dec 2022 05:05:17 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUfdwSomvFvSp%2BoD0gHHiGSlTc%2BCWS9PPO8fMROmK%2FDmzbd5Kck4eNVjg9%2BhvoBn%2Bz3ZxHNDQ1%2BzDNS7fkwyPmvK39ry1njtXOWOC%2BTkfDOQBVaeXhp9EVQmGH%2F288%2BFJ8eETG8DibgwL%2Fr1wQlgbC2w"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
location: https://www.wheresgeorge.com

GET
H2 200 wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js Show response
www.wheresgeorge.com/cdn-cgi/apps/head/ 5 KB
2 KB 470ms
468ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/cdn-cgi/apps/head/wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d44418aef78b2e4586c639a6b4e57b4b9fc93a958bf2dd254b70553d51dd06d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
x-amz-version-id: unIJ3FFnfsyXqpBFcH8o6ddwQmEUXCMN
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 20 May 2018 13:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 4P18VDYRG1VRJK3G
etag: W/"936e534205b414d393664355db3c16d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sWtDna6UJabAuuSWN%2B5qbHyKYKzYJuyqhgHENl5UpTJVAFcjYPo2dkYleReKI1Aj6blUxPcSlavllyUaDp%2B7Q16SAh78rvbjLkJWDX%2BQSshmWXABMCmIBBz6dC7aHf746EhMp7xT4Ki9%2FWBzX8SPMwa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 774a3ef80a7d5bf9-FRA
x-amz-id-2: rnH3wWnZsYm6unyV3cIqxGtlwNUYpXuwfMbPMUn74hs7F5cgu2TK0Tn2rebIRQmqRKO/NcqwONI=

GET
H2 200 wg.css
www.wheresgeorge.com/skins/wg-green/ 17 KB
4 KB 502ms
500ms Stylesheet
text/css 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0da298e31dd1a50b19d710bd787a8adce25afcaf4a89ba5fcf819c6662723e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 Sep 2019 22:03:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4511-5924e2f6646db-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKNDkb%2FerUzSOC1Oo7G4O41%2BOlYMPu6gSx1GP27weHlCVAQTwthyxdXzyUdZ%2BQFFQoNIq0AwjTgqUSmbkVqSXkJwB%2FRa8kggCnX3l1QBjwE3UBkHivMEor0UF2O9IXvNDqm%2BezH8vvi2hBSxEy%2FBNKOV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 774a3ef80a7f5bf9-FRA

GET
H2 200 jquery-ui-1.9.2.custom.min.css
www.wheresgeorge.com/includes/jquery-ui-192/south-street/ 26 KB
6 KB 488ms
486ms Stylesheet
text/css 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/jquery-ui-192/south-street/jquery-ui-1.9.2.custom.min.css
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5948c940e4cd9dad9b958313b8ab760bfb85c7a3dad4332c6fb5f9ebb6ce695b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Oct 2013 20:01:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6934-4e9e6af248a40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9JQYdwnyZ1Vdid82jNwFj4KcsLdtTq3zDIKlmQBK7v0Yh3xp2STrY51snACspV1eg8jBfRn4QPK2hVs9PAXM4IkrIAXe%2FAzm34x0Jq9iPLbafPTdmu0eQeyTV2vb45qJfSXErZyPBwVN3Mv1SF3irp3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 774a3ef80a815bf9-FRA

GET
H2 200 jquery.min.js Show response
www.wheresgeorge.com/includes/js/ 91 KB
33 KB 557ms
555ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/jquery.min.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Aug 2013 16:51:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"16bb3-4e4a038483840-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssZLtjyjSezcEMzHn6vf5Nh4zWzPZSZ2AJaWMLigYk%2BXT%2BWGT7%2FmO1sEDo8M6cwVf6mc9JnTRz76NG5kDNAiOOrIG%2F2RbDN1YbWMijepmz3RG8O2NkmmrFJ8K736X15DG7VoTna2m91NC9RgnO4l3khl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 774a3ef80a825bf9-FRA

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
www.wheresgeorge.com/includes/js/ 7 KB
3 KB 487ms
486ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/jquery-migrate-1.2.1.min.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2013 20:17:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1c1f-4e25bb7c6c100-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZKPVA%2FnpXL2dItWeSA18zb11BDlXGE%2FmrtHa9OmRWLEJSz8zAUCHfW0za7OOnRtDRq6znhLW07m5eS7O4Eu7msLN7M%2BzUKsR%2FSFvk0xDpbqs%2BPi6rwwyvxfNALDVtqoQwfcNTyTsMHr7FWIgwaJ5Zce"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 774a3ef80a835bf9-FRA

GET
H2 200 jquery-ui-1.9.2.custom.min.js Show response
www.wheresgeorge.com/includes/jquery-ui-192/ 203 KB
55 KB 697ms
695ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/jquery-ui-192/jquery-ui-1.9.2.custom.min.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b571fcad8128b028fa991009315020350ef5e296d826df2c6c8b6367a1e8fc27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Oct 2013 20:01:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"32a8f-4e9e6ae4eeac0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8ri0breXf1fOcZm7duoHvlYPdfXGw%2B6DnX0lKeQ3hCjxwgPZWK2qIeGqVj2sVEHStVc4PmTd6P5fa%2B4sHpLER7N2m3upfPb55egR52S6QTCBzbAzX3LAuAM8YUU69LedReUhHhlPEqxQEd3X45Zzg8I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 774a3ef80a865bf9-FRA

GET
H2 200 cookie.js Show response
www.wheresgeorge.com/includes/js/ 2 KB
1 KB 485ms
484ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/cookie.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c008b3684df8cf75f020bd759aa1f63d80456b77daf1076745be29ecdb9303a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7ec-4e3142dbc2a40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5K%2BFU2zr%2Fv3oPWbJVFVpJ8F1ZNKPTT1SYj4oXcl2VoSfhcoAcxW0TGxDI91POXTXBkK7QWMfIVo32A4qHwnoPkpoI3r%2Bl%2Be4WJzntjIStTB1aVaIYcpp4PDUL%2F9KC91fm%2FQ0n%2B0i3CodgGtCciXWJN%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 774a3ef80a875bf9-FRA

GET
H2 200 header.js Show response
www.wheresgeorge.com/includes/js/ 4 KB
2 KB 486ms
485ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/header.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd41b646250576c87600d36db00f6543440e3a07c73c69d33dfd7f7dafec08cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 04 Sep 2018 20:40:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10b4-57511aa3d5e54-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRVyIV3j1vGhyQp9sNbfiI0oyQ4%2BBYEYX%2F3erTY7IOEfD%2FQJPh3TIiulh%2BXH6jLf573oKMn2zuhQlcnfGZRWaBvpqGsINrbkrxDI5wc4HqiBaipNZ3wIIf%2BpAtd87f0nRZZ2ejopR0jPQb0I6gKN3aSL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 774a3ef80a885bf9-FRA

GET
H2 200 odoticker.js Show response
www.wheresgeorge.com/includes/odometer/ 4 KB
2 KB 496ms
495ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/odometer/odoticker.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b35d9f73e68484712519c315b452b1331fcb1c5591505f3b556fbd8a3726e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"feb-4e3142d7f2140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ySfn7QQ%2FtgAzagYRUU0A4G7Zy8s1XwBC8uJpsMcodCjJ4qBKUfeEwBzjlJog30IQS72NFv%2FGJcBRnLaipoFxhzxcu%2Fuml%2F%2FFnPNaB%2FmUB7QdajjlmM1MlbJZpJb1hjAzq%2BTsCgV5p9vFJA23F2GLdF2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 774a3ef80a895bf9-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a525c29375c645110e4d70c15004dced135dc3d5858b52d71b48db3eb3d4eb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27507
x-xss-protection: 0
server: sffe
etag: "1412 / 372 of 1000 / last-modified: 1670022507"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 05 Dec 2022 05:05:18 GMT

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/ 12 KB
13 KB 386ms
334ms Script
text/javascript 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e0da400202994ee8fe2b6573bd21dcb9260c054dfc6610fce978e67364096d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
x-guploader-uploadid: ADPycdux7nzYxeD9-CBweg_j5Yc-YRMuSVqrFXcRn87y-bglMIdTSV_t90pGINHpeQ7F_bRa587hAwumXADUrhbGrpM9CL0Y3CR9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12261
last-modified: Wed, 30 Nov 2022 18:49:15 GMT
server: UploadServer
etag: "c3111810cc8d9add797e48bae6513d4d"
x-goog-generation: 1669834155887758
content-type: text/javascript
x-goog-hash: crc32c=d64v5Q==, md5=wxEYEMyNmt15fki65lE9TQ==
cache-control: no-store
x-goog-stored-content-length: 12261
accept-ranges: bytes
expires: Tue, 05 Dec 2023 05:05:18 GMT

GET
H2 200 updown.png
www.wheresgeorge.com/images/ 4 KB
4 KB 442ms
442ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/updown.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56461ffccda775adce78f8b68d8ad28e5abddd893b7612ebd16344ccc6d66c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "109e-4e3142cc80640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1vMFCmAZxcyfne8QHE6%2BBmzRpmLNUIXG%2FN0NVJAhqiWPPa9fZZb2wmYGAZDqIHzwciDOVHZYJ6Uf6XNbFfVSiczY%2F5XSg7UF3E%2BB8hvqPNV%2BJu9vOuLoEhLZAABAoQh1PO1CdS8yYvkEw71eDNzgcXj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efc7b1d5bf9-FRA
content-length: 4254

GET
H2 200 facebook.jpg
www.wheresgeorge.com/images/ 4 KB
4 KB 2692ms
2689ms Image
image/jpeg 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/facebook.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3cb1db2d0a51e283ae6fc0d9cf5aef88f250ce5166bd994435d8b7d068cde87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f8a-4e3142cd74880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4hmtLbiT7ZCSNrqyy%2BKEQVgX8lLymT715gqD2yVbrFEAiu5XbCbCtp1csFB%2BGebbAKjt9l7CVbchBN7bZ1KJ%2FcVXA4bv%2BH6WambC5NUrzJ1%2BUuNdCcG9ACXbG7LY7k7bcvibdClSAZmt6zMG1OQn4IX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab545bf9-FRA
content-length: 3978

GET
H2 200 twitter.jpg
www.wheresgeorge.com/images/ 4 KB
4 KB 1404ms
1398ms Image
image/jpeg 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/twitter.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fedf7a96d9f67f560198fa4e96d5f49a5b25c1dd23d406169a0b3b74ea3968b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f57-4e3142cc80640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDgSrHW6cKOGRmh5PLhJgvzsVSeoGXmeJy6xZ9TF%2BXmknAX%2F3NyRXhEd7LZcBgbjOLw4h9P%2F1cnsF%2B06ZF%2B%2BH%2Fr45kxW2OTKIgpz0%2FZivzvum9rXYlutwHLdglGR1Qlo4zdOa1uX46kE5gBUD45zSK56"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab595bf9-FRA
content-length: 3927

GET
H2 200 pixel.gif
www.wheresgeorge.com/skins/common/ 807 B
1 KB 659ms
653ms Image
image/gif 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/pixel.gif
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22dc3d31dccd54ee6cc46af4d6b0970e7c684bb32c3812b8371b0e271905b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "327-4e329122dd340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSbp0LPw9OuR2yWMGxu3dGMakQRPqnhvNbxdsmvOCbo4W1HVhoWi9anVt5QsC9oTcVmuETweBnCuobx0gSwQLYdweByRb2zTzhfVLjVxesrkVBavEIMSxyO3Lj3ucUKWCHSab%2Fc14MCpzXekmOsUzGbM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab5a5bf9-FRA
content-length: 807

GET
H2 200 dropback.jpg
www.wheresgeorge.com/skins/wg-green/ 868 B
1 KB 2688ms
2682ms Image
image/jpeg 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/dropback.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97aefe4a1c50e7bf4bd5eb810781749a1aa540fe755c4e1e45aa82414c0b5818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "364-4e329123d1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri8XBrfJU6vi%2BkW%2FHz2r36YTzvqaUu2AmkwQpguaScCLFDN4ix3coh2USE%2BVMz9c5UKJ%2F2AcgKojgw%2FYU8KsvmYlAHlQzCcWy%2FAzQl7AYFr46VFNL4HxzZstarI4mpUWJ9ieW7yQ4ou4QWV1An%2BHCYIe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab5b5bf9-FRA
content-length: 868

GET
H2 200 totalbillsentered.png
www.wheresgeorge.com/images/ 622 B
948 B 1664ms
1659ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/totalbillsentered.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6bdedf30dce0674375bdde60d211a32d50fd18df2402730def2b8f2de7988d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "26e-4e3142d050f40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wpWIEhYy5LKjlvHMOEfginKtoPy3t2gcli7b31k8Dp31mWtRvTVRT%2FfEwoy1rol4NDf5jj6Jw%2FA2y0xrpcSinEZJw6Tx7ac6F%2Bv6HkK1D%2Ft5oXUZ6OkOChSayTRJETSQHtIysQoFRKqnLhbMCcBDWRr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab5c5bf9-FRA
content-length: 622

GET
H2 200 totaldollarvalue.png
www.wheresgeorge.com/images/ 620 B
942 B 2703ms
2698ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/totaldollarvalue.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e17b1b2c8c884ef95858b7cce3c572ebdf32d5da4ca26a366dece88bda76a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "26c-4e3142d050f40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KA5i%2BJKPTpJn6qF6RzCMf9jqyUUrM7eqOLLIfprPGAE63Kv%2B5vB6eF6gQ5s962Defg1aJute6q6xgZDU%2BNxpWjiP2yKJXsAKaWifU%2B1sHXOUXK64X9UWbNpXSzyrlx77OHLlFF6v2%2BXf58dzkyQI3PC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab5e5bf9-FRA
content-length: 620

GET
H2 200 billsenteredtoday.png
www.wheresgeorge.com/images/ 653 B
994 B 1660ms
1654ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/billsenteredtoday.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf2e4d7a491afaa7aa1d29ae72d71c78b5470f1d610b3eab6f7b9c8d6444404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "28d-4e3142d145180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0dIPBhhH7pMRdtX6Z4srbERXMy6x6rjnGjteTinMWhpXxmS2AeRPb%2F%2FSBXw7a%2BxlDNqCy2LDZWLWNtjIW0QfvQYQ%2BD5ROSRJDgcK%2Bxbq9dHRBnXh%2B6cLgp9BaT8j91C6D6006okzBb8HNeh7vSE%2FjQm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab5f5bf9-FRA
content-length: 653

GET
H2 200 hitstoday.png
www.wheresgeorge.com/images/ 453 B
802 B 2510ms
2505ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/hitstoday.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f35733b79b1d6797353f4aa427becf64a36417f0e1ebce4da187e3ea9341d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1c5-4e3142cf5cd00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0DT2JtveaIZ3r864wDFM8y6DRKE%2FNiAtiG%2FSTL1Z2NnnZ2K2LpyeCteaI9vufFZgDzYi3xZcveeX4qKaSEJg67YhrodH8md%2Fi5sjELphChKQ9Tjjet9t%2FNwXrT8q2P6wLdS0hYxYgDchIyE4oGjWEAI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab615bf9-FRA
content-length: 453

GET
H2 200 dollarsign.png
www.wheresgeorge.com/images/ 331 B
686 B 149ms
144ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/dollarsign.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222cbd44beda0de2293c5eb373dcbe8ef2a81dd8c67b364224bc3ef2061d3354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "14b-4e3142cf5cd00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPFncuOPvDsKaUJO2ZpvilkphvbHpCZRvnPu%2Fn%2FFuBnNOU0IFFoh7uuWn9LUcTFikDF6lSzbuVIOW%2BlzEqezYJTO4HDboGfNF5njCbKwUuWTtGa09KQXM09mDvjzcX1UNSQfmOkM0dpE%2BOPzF44O8%2FbQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab625bf9-FRA
content-length: 331

GET
H2 200 shiftleft.png
www.wheresgeorge.com/images/ 482 B
813 B 2604ms
2599ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/shiftleft.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ed2d3ba588437ab0954941c0edd797482ed06264b1ca9e6806ed6daeb07b43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e2-4e3142cd74880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxqdXf2xpb6l7CbQn5uVvTs6evGQmh%2FYLAoHbc0NEhJSNFTwu8v90kZ9yC%2BJKJOfNIQL%2FP1tRhRfto56NkvSOIQonAyBYSZIigFF54jjW%2Btaaq4GW%2BRnBHbGH8MdYDJTfRfUzDY8HiEGczvEQdpMBWjL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcab635bf9-FRA
content-length: 482

GET
H2 200 shiftright.png
www.wheresgeorge.com/images/ 476 B
810 B 3725ms
3720ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/shiftright.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c167a66fe7195d6169a97715a3becf7e3d5892a12b2825f77959d1c21bfaa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1dc-4e3142cf5cd00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMnnCO7v%2BJt9gYt712%2F90m4%2BBGDjxSX8zXqPT0Bc6vINu9%2F2GoQA0rwEM7ImoG%2Fv1aOBmMFRqVjxBY5uMhIDpsv8mekSFJgI5mwI9PTWMnpXHKgDaj8FGcLthRrEAcFQRjXChtNb8XV%2F0h0%2FewZmw%2FmC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb825bf9-FRA
content-length: 476

GET
H2 200 vjR-JvKboGM0k7UaLR-M2ocVDUM.js Show response
www.wheresgeorge.com/cdn-cgi/apps/body/ 3 KB
2 KB 492ms
487ms Script
application/javascript 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/cdn-cgi/apps/body/vjR-JvKboGM0k7UaLR-M2ocVDUM.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/cdn-cgi/apps/head/wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8dcf94a62e4ac82246b2224d85052c2308c4c8123dd8b2c4c154cebe9b47f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
x-amz-version-id: CoNkkylYkt0wMB4UqLQPntJ1JMFymTAa
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 20 May 2018 13:52:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: RM0V5T75EN8CT7FQ
etag: W/"39fbf6c21b8ff6ff3a490e69a4fb757e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUBvAizDQ1waX8q3E5Pdg6ikcbVXi7eSznah479RveQVuNhd0g%2Bwvsd2%2BezPV4hFEMS0O8sCNpWDhxk0tvBlVFwTDADlehQotiIpbMmURagvCrRzeQMqkRViqHno%2BJiJXdVfQLoyiquw7DSLhvbnPjbp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 774a3efccb835bf9-FRA
x-amz-id-2: LhNlbryP+GKvKqUhIC0pdR934NG8/P9zeFlfv6AiZ5+YNf19YGCDh52lVNXDeQU9PnRaO/BbAE8=

GET
H2 200 wg-back-3t-dark.jpg
www.wheresgeorge.com/skins/common/ 121 KB
122 KB 3890ms
3886ms Image
image/jpeg 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-back-3t-dark.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70751679ec1e2f27cd958b14c2b87f5b1b7fd4e7fbbce340bb3ca6f8dfd82d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Sat, 27 Aug 2016 21:09:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e4a0-53b140c66c640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJDDuhv5wnTUA4G3Z7HjtGYThUtNJVjFCW5X6XE%2FXPEOq8g1EzAq49ROypCZmP098ZMvoKvmxW9PXBEabz1WyWYpobe1Pm%2BbkKqx1pWmMXOpxnNCvyOZ2HhE3AlUXGHkEcPd62aU0wsb6Uy7I8vbmkxo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb845bf9-FRA
content-length: 124064

GET
H2 200 rthf_opened.png
www.wheresgeorge.com/skins/common/ 2 KB
3 KB 3725ms
3720ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/rthf_opened.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0426dbe67dd4f52df684e50d0e6d33f68f73bd83ba416b7e26b1227a61585d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "96e-4e329121e9100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2Fy3yVZqCwRmxgTQvq1JWCrNfuQIVspJu%2BJ7bxwStZQ5dQwL%2FTb%2BqRtmoLJIYNoUqcoQT2576sEcMpvyzcm6HzatA2bw4rVZuFI6btjLS4UnVxprJ6GrYKDg0C8DifuJWLPkQvyPH513JQDt5a8laNre"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb865bf9-FRA
content-length: 2414

GET
H2 200 announcements_opened.png
www.wheresgeorge.com/skins/common/ 3 KB
3 KB 3728ms
3725ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/announcements_opened.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c7dc1333487ffb5ff8332547585101be64e8323c334b6542092bf21e4f1fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b84-4e329122dd340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9lAjWnfXXR6awUhIAbYXVKT03fwgXdCy%2BH3FPzxaAgOAAc%2B7ewKl4nhopAPcMEmG02a0taB9q0lpnRjaTeT4%2F3VjBKLbgU0PttXYT3gqUdT5f%2Bjc7EyMKdnnOEVjmKudaCur8bhS3tGvomvl5%2BaLjNx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb875bf9-FRA
content-length: 2948

GET
H2 200 page-border.png
www.wheresgeorge.com/skins/wg-green/ 49 KB
49 KB 3911ms
3908ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/page-border.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd2a2b65fa258c88704613fbaa9261c2ace4b5d8fdaec5e6790efa4554e13ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c40e-4e329123d1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dP91Lm1Hz%2B%2FFtD0hr9RZ4dasPM%2BSaQSYRO38%2BRMZRSRyxRQTO4fctqC%2B%2FCs5peZXSpghFCp4Bpjm559XhBJ%2FpuExzLVnFDvV%2FufS8GhhUZiL7jCqlMRvzFy%2BAGjEWr1zNLF3uTUf4KZ8ha0cOk66DZFg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb895bf9-FRA
content-length: 50190

GET
H2 200 wheres-george-eyes2.jpg
www.wheresgeorge.com/skins/common/ 40 KB
41 KB 3818ms
3815ms Image
image/jpeg 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wheres-george-eyes2.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f554402586b6d6141a35ff7838ecb350f34b95632f489dd26230c748293a24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Dec 2016 18:16:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a1c1-54329a1c02e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vteawR6DBaP1sXgvw31RFxS%2FiZho7ZmO0oyFgc7Lm5uS6%2BjWr0c7Wv2AQtfv3Iu4Qjh2%2B4Ylsf3myoeq04WLcHoXwgSbgnpfVxJwhRsL5SYittVi5L3EsnKClyHMBMBCFlVHNUrekedoUY5UJ0ufV6Ox"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb8a5bf9-FRA
content-length: 41409

GET
H2 200 wg-header-top-center.png
www.wheresgeorge.com/skins/common/ 18 KB
19 KB 3780ms
3777ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-top-center.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce531eee4c5fdc685dbcdb1470072755405690fdfdd930a6e22e463f78d284e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4938-4e329122dd340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rfAHPg27BvWlN5hwgOv3hNBELbg15jEA7JvlPq8HeC5VSmgTR6plg66%2BYvBFzkhQPcbUBarGns6pF7cmRjgs%2BS%2FOLN%2BQXlKZ4VmLN2d13kP8X%2FhTY1Xr7Y8SRH3H5v7TMAEb3xB%2FT9f48vmCuWK4bMq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb8b5bf9-FRA
content-length: 18744

GET
H2 200 wg-header-top-left.png
www.wheresgeorge.com/skins/common/ 40 KB
40 KB 4882ms
4879ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-top-left.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c19f0f48c2039268244bea64d0c0d6b0e99739baf0706c043f4a7fa5b9a49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9e8d-4e329121e9100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAGewmUMc9tsNsAHc090gvS3S1dnEmcr%2FBVuOMccVZaD2ygmBz5mXpFOUBeCiNwWVNQrqAlfHwHID5vD53rKJJU0LWENxEzTte7v2vhj8s0FkWDQghF39R8YpqByTDNtOqU2%2Fq6PQbuZ7XPfNoV0%2FIFM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb8c5bf9-FRA
content-length: 40589

GET
H2 200 wg-header-bottom-left.png
www.wheresgeorge.com/skins/common/ 21 KB
21 KB 2763ms
2761ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-bottom-left.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f64f12e5474480f9b66cd6231874622c4e0fbc168d7d9708aae94183f01e6a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "545b-4e329121e9100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t%2BhefA8KxyXoJzw9EqmcC4sJr4mLuCR4mz%2Fd%2BF0vaUbj7Cvm3DhMh25UOIobQI%2BVvCep2Wpx7d805%2FJPXn7jDGW0qdCQmWjUB2WAcqXH7%2FUyx%2FM9LQZp4MuQFuPqECn8JihLguC%2BGyUzOO9pv%2FJxOR5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb8d5bf9-FRA
content-length: 21595

GET
H2 200 wg-header-top-right.png
www.wheresgeorge.com/skins/common/ 40 KB
41 KB 3824ms
3822ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-top-right.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe82976b037bfb21b0977871949ca3ecc4602f5b90c2b7c7b322068a2cc5341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a163-4e329122dd340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSlN3ovSUdPjNi7cUv3Admk9fdKo4TqEPv%2BLWlIQ5pfrAMo8FF%2BryKVVD0yQhs2aIKvMBUi1TGiEq%2F7SkcWjc7hGDJMRI3bYGjhCflFe2SUiyriW33s%2BT3J3z08SJomLW4fBxGjDgAp1Dgg7wMzBwl%2Fe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb8e5bf9-FRA
content-length: 41315

GET
H2 200 wg-header-bottom-right.png
www.wheresgeorge.com/skins/common/ 19 KB
20 KB 4124ms
4122ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-bottom-right.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b8b2da42e63cfbe1929809bf08001dbc90fb04da686e8f1895c96c2e3476586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:22 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4d53-4e329122dd340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ix%2FhS5uV%2BA9O5UrUGneT%2BwOkVB0B2YCtbskPdEut5AF0qyplvsDOh69Dx9GDUT9IpSeZ3oBKLxBvdGGUR1e94Jdohhaz11FzLaIdNdTlcz5dX%2BG%2FXOSyaZM%2BxJ%2F6mmVoLfC84dbyg7fmU4Ap5r6rubIA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb8f5bf9-FRA
content-length: 19795

GET
H2 200 glass-logo.png
www.wheresgeorge.com/skins/common/ 4 KB
4 KB 4756ms
4754ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/glass-logo.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a64debb73115b6e4bb5816aad62b1af7c6584b2139d9a2d9480dbf4220561c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e22-4e329122dd340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=516pkY51rX6kL46NwdzSAXomF%2BSgidclqNYWNmhxKX9zdv0TqPw0bw2BOKGgR6nYFzOL%2BfKdMzRADITuXGqq9SnkpYCeTCKd3XGIw8I4LWLdWx9q2mbTqlhufu5qK1vyxjYmfVmd4C0YG8A8QnbEpEUN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb905bf9-FRA
content-length: 3618

GET
H2 200 nav-background.jpg
www.wheresgeorge.com/skins/wg-green/ 4 KB
4 KB 4766ms
4764ms Image
image/jpeg 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/nav-background.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e73d4b74d14162b1d0b2d35585058d806f07513b84aa6cbb2d8e9fa51be9d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ecc-4e329123d1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7wH9re%2FNXcDdNV8eL1f0C7jvdCoeDsEv%2F8865%2BA4FxiiFVMYGwQpJNdIvJMpx6MrdUnGinkKQIDsJBFggxJeCBWA%2BTcFsAZTlI2wdwC%2FyRPnnzuaHthOrRY0ERm1R9OsXiJFygAYDCvSJD%2BnmR7UeRh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efccb915bf9-FRA
content-length: 3788

GET
H2 200 pubads_impl_2022112901.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 15:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133261
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 09:37:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Dec 2023 15:16:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 102 B
98 B 100ms
54ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d3bcadfd8c6c942428d4da05a4f74d77c3ae116691a1b7134edfe6381a2530c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73
x-xss-protection: 0
expires: Mon, 05 Dec 2022 05:05:18 GMT

GET
H2 200 nav-sep.jpg
www.wheresgeorge.com/skins/wg-green/ 722 B
1 KB 4748ms
4747ms Image
image/jpeg 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/nav-sep.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cc6470204dda1b6135b76c42ed59cefaed8dead87385d110742669f54d4b054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2d2-4e329123d1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QO%2BveBxorsbIY6VQmub1L%2Bw6MVQfcKrfXQKTzNHrXQc8%2BhDRUcrfkaLR4C7L%2B9f0PGS%2F0ig4j86c5zILSQu7ChOUjiZPdj9fRdl3Dslla0ORIuQz%2FbX7v4yVYHUaljHSSYoju945iaLXdktyMLwsp7gh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcdbac5bf9-FRA
content-length: 722

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 03:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6572
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 05 Dec 2022 05:15:46 GMT

GET
H2 200 found-a-bill.png
www.wheresgeorge.com/skins/wg-green/ 69 KB
70 KB 4905ms
4902ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/found-a-bill.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4f3b2e0ca2bdad54c77c30fe4e209f95fc88cc5d67cfb42e66c9d0259ac144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "115eb-4e329123d1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pM9vY%2BQOniPSOtP328owHtfO12HvPGD9VaN8UHI4LlhS%2FjC49oq0HBIm9JKe2dLTyqWcH8jwamydCVH%2F0KiC7UgKBulU3pkK9RRL5aXM3d6s9%2BbvkMYZPzwKO3RZgOtmDBWo4jjogTXhQrPjLpYVULp%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcebc15bf9-FRA
content-length: 71147

GET
H2 200 enter-track.png
www.wheresgeorge.com/skins/wg-green/ 70 KB
70 KB 4896ms
4893ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/enter-track.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabea06371ff3f26ecf21fcac0c279ae3bd92f787624d3215bc6ba3121c4806c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "11728-4e329123d1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSTkyuFEeZoGFX2sMzBRqFhNp2Yp5h8AoYO9k3OmcHSNs0WhEpG03gvRmetGy8i9I1X%2B5QoT3qumZRw1qnyoyfdKalkw3p4Hcszl7v6e4ot7SmEg3R1esUTvTxmF1mnMQphSpjO1r8EeePvFaokDdFEp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcebc25bf9-FRA
content-length: 71464

GET
H2 200 footer-background2.png
www.wheresgeorge.com/skins/common/ 165 KB
166 KB 4915ms
4913ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/footer-background2.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d71892deb8ef0496585f4d5a5199b23eebcd595b8acf7ddb92009b72e31596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Dec 2016 18:17:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "29430-54329a4ca6140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fFFTO2DRdsYUdDHE0QMrRGZVDNuuRAZXF16PLZdVYdFsnkR5%2BBNZFzfeeL7QW0MaYrBVJcS%2Bm9xgrb5ljh1QGhhKLMzjBycGy4q06KTph3p7K94L4NYGTu0vw9jnvscUwa3sZrFMQxLHAyBfEJnntGD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcebc55bf9-FRA
content-length: 169008

GET
H2 200 footer-bottom.png
www.wheresgeorge.com/skins/common/ 197 KB
197 KB 4929ms
4928ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/footer-bottom.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1d9973ca5c62cf51fbb097b24568a2e8ac42584bcbbb3f3d40db6d5ac7a1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31265-4e329121e9100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaIcYXms68mQ97ELTI5Kf39PCzUmc0DyqRga2w%2FTsEYFa%2F8Npp6zGoYGw7AeiGz2RfWSH8BVUUHZ1xP3%2FLpH%2BxiU9b1AbN0O%2BR7fbvbmRT39KO97P%2BgQvTviQCQxGroO8il30smlOiB9Ln4CAze2L6rF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efcebc65bf9-FRA
content-length: 201317

GET
H2 200 hitfeed.php Show response
www.wheresgeorge.com/ 7 KB
3 KB 144ms
144ms XHR
text/html 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/hitfeed.php
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/includes/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73866ae9e08790385053a9665a2556fea9b6808f6a3efee407264aba843f7d58

Request headers

Accept: */*
Referer: https://www.wheresgeorge.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6dB%2BQHa8VfORKn%2FG4NFc3dDp3EyMjJTa35N0WcwK6ZSNgunLRdEhiK%2FHe%2FwIZGif8kItqhwI6R0aw2PwSRkH3ESyJDNnLMIWUArYyD21BMYFsqsSRX94ZAI%2FXPZIw62X%2B4GBPNrpaeCMXmWwFkg%2Bug1"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 774a3efd0bfd5bf9-FRA

GET
H2 200 top-ad-background.png
www.wheresgeorge.com/skins/wg-green/ 406 B
733 B 149ms
148ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/top-ad-background.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fae18de875f131f9962b002379d31c5b0f33a917be900337718f66877948b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "196-4e329123d1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoQ1xj%2FtPtxDHgTgvSLBGrsFSnZzz7Pn33CE9rM5JhNh1dMOXq0PcTXJddAo7f%2BDTtU46ATIE9%2B2ogqBcYMascuWqB4Iqplk55ml1IyXinBsxjC0wUZqgOEz1AmiEYblXsvHsKc5%2FfW3BwXXc0YjRtse"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efd1c045bf9-FRA
content-length: 406

GET
H2 200 close24.png
www.wheresgeorge.com/skins/common/ 50 KB
51 KB 4894ms
4894ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/close24.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8731b24cdd3437a8da8618f85194973a5b248ec42a27adaefe618e3257214cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c933-4e329122dd340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkT%2B4PaS0Z4EOBispE5RmOsBrI0HdQqEHPV%2Blw2xLR5ve1fPTePb9seyU%2FLQFFwOUP3FYF6vTMw00wRrGEirbFCB77sW%2Br%2F65eHqhkqgFdax8r2P1RomDUVvxJXv5OCtip%2BLGIjW2MCxdKjXikQSYHqn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3efd1c055bf9-FRA
content-length: 51507

GET
H2 200 georgemeter.json Show response
www.wheresgeorge.com/ 49 B
476 B 4698ms
4698ms XHR
application/json 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/georgemeter.json?_=1670216718651
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/includes/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e217c8132d5e8b9323f79dcd34b0bfc82cae4fdbd8f5652594fe561071bff883

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.wheresgeorge.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 05 Dec 2022 05:05:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"31-5ef0da12f76cb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMUzrAYANWxSj2weQa23QDSkfN7QYiqingbAnjGaGIswFkFVViIwlF9SrZjCkguaLURXgPZSF7LkQ9f%2BukrKj63hWZQwziMw%2Bo5f%2BGe9F2ORPcYDCuZl7pgBGZvQdnOp8eGP164g0oaBDGvCA4FXcQ5x"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 774a3efd1c0b5bf9-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1360666415&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wheresgeorge.com%2F&ul=en-us&de=UTF-8&dt=Where%27s%20George%3F%20-%20Official%20Currency%20Tracking%20Project%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1169037057&gjid=1708794594&cid=1518866491.1670216719&tid=UA-1469661-1&_gid=471938720.1670216719&_r=1&_slc=1&z=438420048

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 186905-129106728116453.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 714ms
652ms Script
text/javascript 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 05:01:13 GMT
server: cloudflare
etag: W/"7612ca-930b-5ef0d939b8eea"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 774a3eff1bebbb55-FRA
expires: Mon, 05 Dec 2022 09:05:19 GMT

GET
BLOB 200
OK d14b3f06-3c53-43f7-8129-146e9966092e
https://www.wheresgeorge.com/ 594 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/d14b3f06-3c53-43f7-8129-146e9966092e
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 594
Content-Type: text/javascript

GET
BLOB 200
OK b7ca9d30-2f31-48a8-af0e-9519cb52a6b7 Show response
https://www.wheresgeorge.com/ 196 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/b7ca9d30-2f31-48a8-af0e-9519cb52a6b7
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a50fd2c2415334c1be42218fccd59b837de10ed8ba364199d2c0b0d4a4c65299

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 200828
Content-Type: text/javascript

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ 12 KB
5 KB 185ms
96ms Script
application/javascript 2600:9000:206f:6e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b7ca9d30-2f31-48a8-af0e-9519cb52a6b7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:48:44 GMT
content-encoding: br
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
x-amz-version-id: w3KJZkVAfqnORqOaqFfF6RO.15AU_w0t
last-modified: Tue, 06 Sep 2022 10:54:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 996
etag: W/"8ad2beee52c2abad4a49b927b72d3048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id: D1NZ41YgoxASyzzE4Rmm2SiUUJwXOwsXGR2AwkdT46_ME0ErDw5YtA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ 215 KB
66 KB 76ms
22ms Script
application/javascript 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b7ca9d30-2f31-48a8-af0e-9519cb52a6b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d557de3f39744cf5f2dc1fd949f47e98362dfdb6bd43a8b691d5b61bfb63fd95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:33:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=136903
accept-ranges: bytes
content-length: 66761
expires: Tue, 06 Dec 2022 19:07:02 GMT

GET
BLOB 200
OK ed804d62-3000-45c0-b80f-6580b485ee18 Show response
https://www.wheresgeorge.com/ 481 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7900b61c654b5c5c8e2592fcc4738e256046cc53883a016fbe696c591dac5d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length: 492946
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 546 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 191ad33371b27fc1982dd92307fc8961c2f6d8367cbad961ddb47db9e6ebc170

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

POST
H2 200 c Show response
prebid.a-mo.net/a/ 23 KB
12 KB 194ms
135ms XHR
application/json 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: f88b2e6331b41010203b7a1bfd7976086caa2621f473a6bff6052521faf71c60

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:18 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 90
content-length: 11913

GET
H2 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
148 B 115ms
34ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wheresgeorge.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6936668b-fd45-4c40-9278-f7844c36cd82&nocache=1670216719369&aus=300x250%2C336x280&divids=rectangle_1&aucs=%252F170737076%252C1069408%252Fdisplay%252FWheresGeorge%252Fwheresgeorge.com&auid=540256503
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ad008715bb343c6fb646069bf2982c2387bd9ee1c5b590c622011e4c376efb88

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 456ms
143ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Mon, 05 Dec 2022 05:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
8 KB 230ms
175ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e96232f35f33729c5eb9a01f7e30a12ce71129365f86cd91eb53deee8587f939

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 05 Dec 2022 05:05:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 837ddd8b-aeaa-4d0a-9914-bd333018b1d6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
313 B 229ms
173ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f7c57e52395b9adbb8b8d079c31fc6bc39532250563bca65fd47c6aa08763a

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT4elFmBb%2BlVdcWIbnLphJE25gQZ%2FpDe9XGOCsMhJYFpWv2bB7By7NsgPj2Bjdm2PWJYGlhsCKxt%2BZhSqSAjFvHoXnJEO7YXpFVnovTYbAoWZPjRM%2B7Tro%2BxJFbrT27KCeW70mGJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 774a3f008954bb8f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 3 KB
3 KB 187ms
111ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: bc26ea59ffe8453b0c79725cbacbd5bf3607cf6710a00202d9a37348429ef579

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 3003

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
297 B 107ms
32ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5637f00f4&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ac14b8b7d830fb36bb9a9beee3b7b49035d8bdd1ecd669dafe7afe7c92c577b4

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 404 B
815 B 199ms
89ms XHR
application/json 63.33.230.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1670216719384&to=0&aun=rectangle_1&gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&t=avou7mdw&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wheresgeorge.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.26.0%22%7D&ogu=null&ns=9216
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.230.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-230-145.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 31864a6b821f78de93e86ea73be38dab540b0e33055ddbae9953fb437afd609a

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 410 B
973 B 262ms
147ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&kw=wheresgeorgewhereswillywhere%27sgeorge%3FtrackdolllarbillsWG%3FWGwhereswilly.comwheresgeorge.comtrackdollartrackdollarbillstrackdollardillstrackdollarsdollarsonebillfrbfederalreservebankstracetracingtrackingtracktraceamericanserialnumberseriesdenominationbillswhereisgeorgecurrencymoneylegaltender&tg_i.page=https%3A%2F%2Fwww.wheresgeorge.com%2F&tg_i.domain=wheresgeorge.com&tg_i.pbadslot=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&tk_flint=pbjs_lite_v7.26.0&x_source.tid=6936668b-fd45-4c40-9278-f7844c36cd82&l_pb_bid_id=1988aff1789d0b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&slots=1&rand=0.3454053795680596
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 07834c02633917b263202310d2dbe2e7e9e6853c740e4dd02de318f54249cb93

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 3 KB
3 KB 213ms
147ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5ccaa00f5&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 893b574eb3439996f8bc59f7fee7e8a46e00b2dc65c5dc7d78f3d1c40be74be7

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 3011

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 134ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d6092b00f6&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 63a729fdf38d4201cbc2d68200d44f3d61f4c00e9a63adaf1b24c257f3f119d0

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 408 B
741 B 262ms
154ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=9&alt_size_ids=8&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&kw=wheresgeorgewhereswillywhere%27sgeorge%3FtrackdolllarbillsWG%3FWGwhereswilly.comwheresgeorge.comtrackdollartrackdollarbillstrackdollardillstrackdollarsdollarsonebillfrbfederalreservebankstracetracingtrackingtracktraceamericanserialnumberseriesdenominationbillswhereisgeorgecurrencymoneylegaltender&tg_i.page=https%3A%2F%2Fwww.wheresgeorge.com%2F&tg_i.domain=wheresgeorge.com&tg_i.pbadslot=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&tk_flint=pbjs_lite_v7.26.0&x_source.tid=0243fc6a-314d-4b6e-8cab-dc7198933f34&l_pb_bid_id=24282b4f66f4c3c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&slots=1&rand=0.578397357662713
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0755ba0ffaeddb60b4944d7c2aac5a7bb0dd2462f213d74f0ea8ceb77f3a9827

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
280 B 139ms
108ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Mon, 05 Dec 2022 05:05:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 78
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 404 B
814 B 192ms
94ms XHR
application/json 63.33.230.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1670216719397&to=0&aun=skyscraper_1&gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&fp=0.05&fpc=USD&t=avou7mdw&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wheresgeorge.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.26.0%22%7D&ogu=null&ns=9216
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.230.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-230-145.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b99a21f33656b56daaf0aae9de335a93fbb93278ba50989b6359ac7a9d03ddbf

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 403ms
116ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Mon, 05 Dec 2022 05:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 233ms
187ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

03acc59c4ca1401a177badffdb56f37a01c11d0886167882f5ae86a1e4f992e2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:19 GMT
AN-X-Request-Uuid: 4876f86d-ce8a-4a16-9761-1d4fe9dcd2b5
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
567 B 179ms
144ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0753d1dfcafcc83e4c50a5479f0b3bd1ace745fdd421400007abf57863f04d1c

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l12oPgKBoHkUAiD7lLZKzq0GaS8za0qlDymKV70t9fBSBNTJLPF3S8LdlUhtJo%2FPOWIpJlswPv8aaNUnfN7C0w86CE7fmdUR7%2BIQiESyF7Unhda4HPzIxD8FZf0e63DbuB2vqEWT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 774a3f008956bb8f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 arj Show response
didna-d.openx.net/w/1.0/ 72 B
381 B 79ms
30ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wheresgeorge.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0243fc6a-314d-4b6e-8cab-dc7198933f34&nocache=1670216719402&aus=160x600%2C120x600&divids=skyscraper_1&aucs=%252F170737076%252C1069408%252Fdisplay%252FWheresGeorge%252Fwheresgeorge.com&auid=540256503&aumfs=50
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8621af61bcde2b5d8ed84e6ac8231f7d9ef1f8757218871dd00d40c494c5134c

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ 201 KB
68 KB 26ms
26ms Script
text/javascript 2600:9000:206f:6e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22bcbd9adfea86a67d9e9fc06e7072cee8951a4b0c821763ece6e3ec6522183c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:48:43 GMT
content-encoding: br
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
x-amz-version-id: CpH70Is3vsWatlkrhJ73cSmsumMGL9I3
last-modified: Mon, 05 Dec 2022 04:19:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 997
etag: W/"c060eeef7253fb8ebde339d80a171ef4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: zyiBFrn8d9McgQAQ5gsA5xC8JZIS20wlY_oaZavrp4C5e-S1tOjipA==

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 404 B
813 B 84ms
83ms XHR
application/json 63.33.230.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1670216719572&to=0&aun=leaderboard_1&gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&fp=0.05&fpc=USD&t=avou7mdw&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wheresgeorge.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.26.0%22%7D&ogu=null&ns=9216
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.230.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-230-145.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c60da4ef0fadafd9a9b53e9f90a78f41752a55c85acea3753b0e37edbb04c8ec

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 3 KB
3 KB 113ms
113ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7077300fa&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: cb291c9a0cbd2729c447eb55ff4b2dbeb53b5aaf162e56cc94a340793ca791f6

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 2940

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 30ms
30ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d6b9bc00f9&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ea81b491786b422c503a0219c100bcad7aee184b24ddb5b4d6fd6e50e0c5714d

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 29ms
28ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d45d4400f1&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 00c2e0963425bffa7d4567c0c7d3537712ae00a8ead0166d792ad0342eddf37f

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 180ms
143ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b4b90d979ce29f6c1f57f22a36fd4708ab999f8a81e3d1e697e6e38d21f04c6c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:19 GMT
AN-X-Request-Uuid: 3032e6a1-81fc-4cc8-82fb-e4f8eb34c882
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
didna-d.openx.net/w/1.0/ 72 B
100 B 53ms
31ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wheresgeorge.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bf9870cd-1401-4e90-a456-c95efb0b9177&nocache=1670216719576&aus=728x90%2C468x60%2C970x90&divids=leaderboard_1&aucs=%252F170737076%252C1069408%252Fdisplay%252FWheresGeorge%252Fwheresgeorge.com&auid=540256503&aumfs=50
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6523e7414f21570314f72a12571564551f4733b4e3081f80cb8215d5c9207506

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
133 B 138ms
138ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Mon, 05 Dec 2022 05:05:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 110
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 248ms
142ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Mon, 05 Dec 2022 05:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 411 B
743 B 136ms
135ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=2&alt_size_ids=1%2C55&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&kw=wheresgeorgewhereswillywhere%27sgeorge%3FtrackdolllarbillsWG%3FWGwhereswilly.comwheresgeorge.comtrackdollartrackdollarbillstrackdollardillstrackdollarsdollarsonebillfrbfederalreservebankstracetracingtrackingtracktraceamericanserialnumberseriesdenominationbillswhereisgeorgecurrencymoneylegaltender&tg_i.page=https%3A%2F%2Fwww.wheresgeorge.com%2F&tg_i.domain=wheresgeorge.com&tg_i.pbadslot=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&tk_flint=pbjs_lite_v7.26.0&x_source.tid=bf9870cd-1401-4e90-a456-c95efb0b9177&l_pb_bid_id=55bda9d1b8da26f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com&slots=1&rand=0.5387449102049269
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3915686f69dca59f511b31e984d126a4271c8c728ecd42f28fa58a3f1c25e4b8

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 411
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
544 B 135ms
109ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/ed804d62-3000-45c0-b80f-6580b485ee18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf01bd369734955aaefb6eb05598835dd5d2cf21bb388f8ab5487158c33dddf

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVTSsfKhiD0rIaaiZ6jYn1OvTuVfoKfdGGIHozIRUI3VDeRbRn%2FO46%2Fs1kvS2AROGMPhi1Rd40jhE2cZoi8oEs5f%2B261jPrhNXQ7jyyZV5ZAJ3CIw6sOPJqBFiVvdO9EIJ0Qp%2FFu"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 774a3f01a95f91d8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 94ms
31ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 87ms
35ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 110 KB
34 KB 402ms
402ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4374792120269473&correlator=3817283781999801&eid=31060437%2C31070872%2C31071079&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=170737076%3A1069408%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600%7C120x600&ifi=1&adks=377414226&sfv=1-0-40&prev_scp=auid%3Dskyscraper_1%26adLocation%3Datf%26didna_vis%3Dtrue%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.05%26hb_adid%3D627ca50197134e4%26hb_bidder%3Donemobile%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1670216719829&lmt=1670216719&dlt=1670216718060&idt=860&adxs=350&adys=491&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&psz=0x0&msz=60x0&fws=0&ohw=0&ga_vid=1518866491.1670216719&ga_sid=1670216720&ga_hid=1360666415&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7e41f4d4044bf7b5221e7163b38f6469ff440793ec9bb102fc2324c08681cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34945
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C338 6 KB
3 KB 118ms
29ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:05:19 GMT
expires: Tue, 05 Dec 2023 05:05:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
42 KB 406ms
405ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4374792120269473&correlator=1594599164087155&eid=31060437%2C31070872%2C31071079&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=170737076%3A1069408%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C468x60%7C970x90&ifi=2&adks=1906968629&sfv=1-0-40&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1670216719851&lmt=1670216719&dlt=1670216718060&idt=860&adxs=437&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&psz=0x0&msz=969x0&fws=0&ohw=0&ga_vid=1518866491.1670216719&ga_sid=1670216720&ga_hid=1360666415&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa4bc479d95df5777e910cd03c23e87083d84de38441a7b39bc6837c46155d16

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKTtppLa4fsCFSE94AodF_4NgA&gqi=&layout=/sadbundle/%24csp%253Der3%24/1556583186674994428/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKTtppLa4fsCFSE94AodF_4NgA&gqi=&layout=/sadbundle/%24csp%253Der3%24/1556583186674994428/index.html
date: Mon, 05 Dec 2022 05:05:20 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43143
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 424ms
423ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4374792120269473&correlator=3687090046823466&eid=31060437%2C31070872%2C31071079&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=170737076%3A1069408%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=3&adks=3486923331&sfv=1-0-40&prev_scp=auid%3Drectangle_1%26adLocation%3Datf%26didna_vis%3Dtrue%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.11%26hb_adid%3D6325be34cfb98dc%26hb_bidder%3Dappnexus%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1670216719865&lmt=1670216719&dlt=1670216718060&idt=860&adxs=946&adys=812&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=710&ga_vid=1518866491.1670216719&ga_sid=1670216720&ga_hid=1360666415&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc96823ca6ac164d8a2d7ed0d6b94173a672553f21e930992d59f314ca9aac6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9970
x-xss-protection: 0
google-lineitem-id: 5226549088
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138294812492
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
394 B 139ms
42ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186905
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 182a29bda1030bdb1fe420e42a727c521f1e8717fae220af3185662cd921b0ae

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 04 Jan 2023 05:05:19 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
364 B 83ms
30ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 05 Dec 2022 05:05:19 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
506 B 104ms
32ms XHR
text/plain 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fwww.wheresgeorge.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zs81f3NaLqX%2FotUhVhK%2BEfVWBdG6Z%2FqGKAoi15n8EpVlcwNyALAbIOaewUh6stDGPRCOiqjqxM4vv65WpBZTlGxBcXDnEorJi4gojV%2Fs67el3MwcexREGVFPnbCTD23gVJxQtU0dKzI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 774a3f04a897bb7f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 76ms
23ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:48:51 GMT
content-encoding: gzip
age: 1955789
x-guploader-uploadid: ADPycdu3Gw5FY_q4NTn97VXYnntJVtAX26caEl7o3n1xhH_sP1GWn03HtLzXWtmuhtpWhoyqDf_pa2Sc5NeIIOZROxkPyfq5tOA6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 12 Nov 2023 13:48:51 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 148ms
55ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 06 Dec 2022 05:05:20 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
903 B 573ms
186ms Script
application/javascript 44.239.16.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.16.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-16-115.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
cache-control: public, max-age=86400
last-modified: Mon, 5 Dec 2022 01:33:17 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 89ms
33ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: YMFZEZYBJKEKRNPV
age: 2749
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 774a3f060c8d5c7a-FRA
x-amz-id-2: rR7sHzWBBNucr3XhEuqI/nIptBfNR4Bk4gz/tZK0aI7ojtEYwwSH/6l9FgWTrmHoO3CAY8xfMq0=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 79ms
23ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:24:22 GMT
via: 1.1 google
age: 2458
x-guploader-uploadid: ADPycdtQdebH-GTV1PAweHJEZo2DLQd_0GQQNttdZnoD4dSZVB5ZWCN95mbKl1_nsC0_xz-xNfz6OgOw55yMG80mSibWGlmc_rRu
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Mon, 05 Dec 2022 05:24:22 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 367ms
117ms Script
text/javascript 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 03:09:47 GMT
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 6934
x-amz-server-side-encryption: AES256
etag: W/"2c5f4a319c3d99310927955777b5abe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: a23bcrTkRdQYMl2rGaCEZ0xJbC3gPxWvzpfeARXXwCgWdrllEa-6bQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 959 B
1 KB 90ms
21ms Script
application/javascript 2600:9000:2057:4000:a:e047:752:5701
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4000:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fd8663b96c0916efbc46a80a2608bbf1a12cb81726c2655b49434b40041ed09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 03:22:21 GMT
Via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
Last-Modified: Mon, 05 Dec 2022 03:22:17 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 6180
ETag: "ebc0b38d1fa3c656232b1058a1616e48"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 959
X-Amz-Cf-Id: -Qb3OBH3EbXCCpYXb3tLuXzYqYdMB6xnA_8p0Y1SfkhmmYxthaWAmw==

GET
H3 200 container.html Show response
cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8546 6 KB
3 KB 67ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:05:19 GMT
expires: Tue, 05 Dec 2023 05:05:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F1F 6 KB
3 KB 57ms
25ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:05:19 GMT
expires: Tue, 05 Dec 2023 05:05:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 5380 201 KB
68 KB 24ms
23ms Script
text/javascript 2600:9000:206f:6e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22bcbd9adfea86a67d9e9fc06e7072cee8951a4b0c821763ece6e3ec6522183c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:48:43 GMT
content-encoding: br
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
x-amz-version-id: CpH70Is3vsWatlkrhJ73cSmsumMGL9I3
last-modified: Mon, 05 Dec 2022 04:19:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 998
etag: W/"c060eeef7253fb8ebde339d80a171ef4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: Fa1EsFl2D0Qpggx2qHxPy87AVKZwJWwL1YEYIKABH5-_vazWfZQN_w==

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1

85 B
103 B

203ms
179ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 35193fdb15e22a3ab2995d0a060fab5fd76bba19b31e932fcf7ba19b17c89d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-32NVorcBzBiey3C/lTfdmXFF5EU"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 05 Dec 2022 05:05:20 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.wheresgeorge.com
location: /esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 8546 201 KB
68 KB 23ms
23ms Script
text/javascript 2600:9000:206f:6e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22bcbd9adfea86a67d9e9fc06e7072cee8951a4b0c821763ece6e3ec6522183c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:48:43 GMT
content-encoding: br
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
x-amz-version-id: CpH70Is3vsWatlkrhJ73cSmsumMGL9I3
last-modified: Mon, 05 Dec 2022 04:19:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 998
etag: W/"c060eeef7253fb8ebde339d80a171ef4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: xg7ZPiVTAyQW-jFPePdrZODo-aMzNDPvSdEot07ai5mypKePIMalaw==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/ Frame 1F1F 201 KB
68 KB 28ms
28ms Script
text/javascript 2600:9000:206f:6e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22bcbd9adfea86a67d9e9fc06e7072cee8951a4b0c821763ece6e3ec6522183c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:48:43 GMT
content-encoding: br
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
x-amz-version-id: CpH70Is3vsWatlkrhJ73cSmsumMGL9I3
last-modified: Mon, 05 Dec 2022 04:19:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 998
etag: W/"c060eeef7253fb8ebde339d80a171ef4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: BDNjtAiilGk_JFD7_rmjnK_5_2W3CY2zlEBaxeRY1gQ76uOZeM4tSA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5380 0
0 56ms
55ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsub1EK8ZZDu6xKYyi-rdLqfaE2yt6WKhAsHzB6ePrsmQVnCtShhXYFP4sxhSMYg57bZgUM7b_TYE9UbeiV03X5uGBV1VB4CSp6_AjigurSUG-s2AYry_HqUJqYRlOTCGE1V7IENlQMWeXQcQjKLwhLx_752HJRXCz53hxNTpeGHpMBp90s8EQfz0dYX7xz_83e0Zh60ICHctLwOJKUF4BIrRf3a_5Tg-4GHKdn16yYSw55zwCDOnC_U69nd-y4p3O8AnigCnbCQJdfJ0o49yZI3kB9_EWPiMuUb1WzgSnW9kr3knL5-zOv4smxKnDClDUuc1NeANcXy9eHCzdU5lL1C1N0MuZhaF75ZzsJa8aipXQygtfU&sai=AMfl-YQwZyIaqjd8wWeGNo6piKWiJaQMJA9v4pURhTzGGXDlOYmM4aDNDlRsuaFESE3jSaG9eFc0HmBwVCHCbOrbzx80hYeT-neXh3UFjZv8_63Y-uwoKEzEfgnufhGyVBTHri30EDcvc0dQvyK46qgk06A&sig=Cg0ArKJSzIfMD6CZbwGZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Dec 2022 05:05:20 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 5380 27 KB
10 KB 74ms
29ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26804
x-jsd-version: 1.14.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7k57SsTMwpg4N%2FG1eaweeTp%2F7RZEy6%2BXvpEdW7Ftf00SRDhO2HaoFJ8XqPZbn0yWqs1Hu4sRAXaUuTXAJYLwhBxZBdKr%2B4pKhwuFCa49pqMPXrGktC0u6nFBTD79%2F1g474Px9hcn%2BGSq02%2BVzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 774a3f06c95691ea-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5380 155 KB
48 KB 108ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 05:05:20 GMT

POST
H3 200 encrypt Show response
esp.rtbhouse.com/ 221 B
238 B 87ms
43ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 8dbc30ebdcc338f5b8ae0bc13e925261fe9ce982df75b75b26100bd3840583ca

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: e52159f372fff2a29c0f5aea597bb7b3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 97ms
37ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wheresgeorge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.wheresgeorge.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 05 Dec 2022 05:05:20 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 0994c072d769202db555fd5896ac88ef

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
329 B 75ms
22ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Mon, 05 Dec 2022 05:05:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 8546 0
95 B 508ms
117ms XHR
text/plain 3.226.37.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.37.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-37-73.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 05:05:20 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8546 2 KB
846 B 76ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8546 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFO3cD3yNY5ufNoao7gPvqZ2YC7vs_s1txN2Vx6IQven9yYgyEAEgtJD6ImCVgoCAsAegAeK_1vMCyAEJqQJEv7Qal6yxPuACAKgDAcgDywSqBOoBT9Ckngc14OMYbZPJJlGlHP3I8gLozqXKxELzuoY367Fz83g_bAodxTCMJ92L9uPlyMwU_8Usf54WuAZTBQo57llmtaVkTRQwQ_RBOvjggrWB1qwwMthGmIvWfYGWOcUGoLN_6lEwOaC4rLSFEqRhMZrUzBM4W92Au8BU1MuvWngkRiV0-v1On25-XQe72xrmjOfk-9_d6Oit5UiVz9jwOgH1n9Qaw0WZLrTVXmlbdj1Y-mljAleMhObMmvNnQ2Uvx4nwjiiz2uBLxNyzbal3x9MPza_DybJnEYKFg6Mk9nzP25OZ7iVr7_QcwASvhYTxlQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHhsCpjAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ9ssM0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEw6IFAbQFQGAFwGyFx4KHAgAEhRwdWItMjgyOTQxMTM5OTc2MjQ4NxjcihU&sigh=nNeWa2ndD24&uach_m=[UACH]&cid=CAQSTADq26N9HT87BxLbxOYy33JLeY9myzW1G5xZ99bMYjZQQ_RSKrFwfFT_dageHjb5NmaXyAff6S-e27JyLaJiALg5yUpkCCJbdi9qo-AYASAT&template_id=494
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8546 23 KB
10 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 12:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 12:25:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8546 3 KB
1 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 21:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 21:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8546 18 KB
7 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8546 155 KB
47 KB 101ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 05:05:20 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 8546 34 KB
14 KB 74ms
19ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 14:56:09 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8546 18 KB
19 KB 95ms
21ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRzLbsaySExKdNr1flD1FABevqXjtC8csEdXoxmKB6Gy8ykDLynJtnx3mHqcaY&usqp=CAI

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4ceec5c14c3fea57c56dfda7a2bb19b8601e13833be724396f3da499250e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 23:43:31 GMT
x-content-type-options: nosniff
age: 278509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18571
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 07:31:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 01 Dec 2023 23:43:31 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8546 16 KB
17 KB 77ms
21ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRsGUuwoEV2-dY45M9K6LleCp3oayHFwiMZmvUX5b_eAjyC0U0v9zlPMvcAQg&usqp=CAI

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95371e4df2914bb9fb7b9491518a8fe376ee0030df68456b7cef028f36ccf1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 23:05:56 GMT
x-content-type-options: nosniff
age: 367164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16604
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 05:38:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 23:05:56 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8546 30 KB
30 KB 83ms
27ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRTbnXbQ2gBxNIotqvQ6xGRJQUnDuG-t8lAZjgafdPdGa7ZqhTRflq2DhXbHaU&usqp=CAI

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32880bd99af2551347a9144f3895b2b84c7d8360f191a47d86e8bd72f28d01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 12:21:40 GMT
x-content-type-options: nosniff
age: 319420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30997
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 04:29:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 01 Dec 2023 12:21:40 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8546 20 KB
21 KB 94ms
20ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ2v4o805G-uFIZEaY9hLxZFDRQpccRRgfE9CqtNot_XodBOk7x&usqp=CAI

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8dcbd9cae3fef99d529d3852df13afef98cb76bc015c80220a7b3837e281b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 07:08:44 GMT
x-content-type-options: nosniff
age: 510996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20946
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 14:55:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 29 Nov 2023 07:08:44 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8546 82 KB
82 KB 102ms
28ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSyNN02kxiUh_IorFVv8MZ0U53I5XkJQKK5iNRDoOwFfx3TCOWw-J49R-N6iA&usqp=CAI

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2517aa0efd78943129b6df452cdf788432f65f63b3a3e778bfab86d2a004244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 06:10:40 GMT
x-content-type-options: nosniff
age: 428080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83680
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 21:22:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 30 Nov 2023 06:10:40 GMT

GET
H3

200

9530445888032852924
tpc.googlesyndication.com/simgad/ Frame 8546
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnu4CQiQEQsAkYrAIyCBtUs27Roi6i
https://tpc.googlesyndication.com/simgad/9530445888032852924

43 KB
43 KB

82ms
31ms

Image
image/jpeg

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9530445888032852924

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc53d593a05558fa05f4630a0fcd99e10388bb7fb4ed8e65aab11bbec4588e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 23:06:51 GMT
x-content-type-options: nosniff
age: 367109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44160
x-xss-protection: 0
last-modified: Mon, 20 Jan 2020 11:05:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 23:06:51 GMT

Redirect headers

date: Mon, 05 Dec 2022 05:03:26 GMT
x-content-type-options: nosniff
server: cafe
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9530445888032852924
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Jan 2023 05:03:26 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 1F1F 0
96 B 478ms
115ms XHR
text/plain 3.226.37.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.37.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-37-73.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 05:05:20 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 37AC 15 KB
6 KB 111ms
33ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.wheresgeorge.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:05:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 683335
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/ Frame 93C8 85 KB
25 KB 32ms
31ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

462dac337b96d6f6c7df54018e24e0a0ce232e431683e5a9023662fd56d9e0ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 242917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24333
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 09:36:43 GMT
expires: Sat, 02 Dec 2023 09:36:43 GMT
last-modified: Mon, 31 Oct 2022 10:28:39 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1F1F 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWqpmD3yNY-SpN6H6gAeX_LeACNfr7NVtu5ni-NEQv-EeEAEgpOT7ImCVgoCAsAegAaCJmsUDyAEJqQIRGZj093N7PuACAKgDAcgDSKoE8AFP0PEqFe6WV3kTEDk54sxzbFpmlCbktFnqEaHrc4ZIh9bF-PwPErXO99ewVTt6swpDDSFqttvhpSG8zy-AYIm-2469mppoAOwquFIstDlvNvHeDm4bBza-x2C28ozPdco-nsr_D8pl4IX4v1pKVaxmOVrwxmhAW3fBah_gmauAhzUAvha0zuTIMuh6K7LBXS3j9I35oSpEUysVWeoS-dSqA5X9ntZ7wadKDGp_tNYvNNuXJgK96KCcexgWieyPNpVU9DTe84l5scjvvK26qJuc3Q1IhDS3LjcOymd7L7dReeFsEYCScCJoQH9Q97DYV4LABKy-8MuYBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfI9uU6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgMQI0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzU2NTM4NTQ4Mzc2MTY4MRjcihU&sigh=TXCnqeOM4nQ&uach_m=[UACH]&cid=CAQSSwDq26N9ncWMEDIlJFb9BY1_tc6EydVelJDc6fHLPUdUqrFkMb4pATOr_XMClEPLHOhDv7GzsZ3PHKyNXN_6bm-wGL98l7VUK5ZlQRgBIBM&template_id=419
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 1F1F 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 12:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 12:25:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1F1F 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 21:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 21:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1F1F 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 14:56:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F1F 155 KB
47 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 05:05:20 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 5380 0
95 B 548ms
240ms XHR
text/plain 3.226.37.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.37.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-37-73.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 05 Dec 2022 05:05:20 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H/1.1 200
OK w94lkllg5fwj Show response
hal9000.redintelligence.net/zone/ Frame 5380 10 KB
3 KB 101ms
30ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/w94lkllg5fwj?subid=&gdpr=0&gdpr_consent=&rnd=4057814800732114596&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4057814800732114596%26mt_id%3D11147613%26mt_adid%3D215543%26redirect%3D
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6f4ac75a039bc7788a123d163225b0d17d2dee5daf3760286029e3b3e704d08c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 05:05:20 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2783
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ck-confirm
tags.mathtag.com/ Frame 5380
Redirect Chain

https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvWkRka1pEQXlPVFV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQwNTc4MTQ4MDA3MzIxMTQ1OTYvMTExNDc2MTMvMTI2NzM3MjAvMTMvYk...
https://tags.mathtag.com/ck-confirm?bid_id=4057814800732114596&node_id=4014&exch_id=13

49 B
331 B

38ms
29ms

Image
image/gif

185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=4057814800732114596&node_id=4014&exch_id=13
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.372.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 05:05:21 GMT
Server: MMBD/3.372.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x108, cdg-bidder-x153
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 05 Dec 2022 05:05:20 GMT

Redirect headers

Date: Mon, 05 Dec 2022 05:05:21 GMT
x-mm-nodeid: 4014
x-mm-bid-request-time: 1670216719
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Length: 86
x-mm-handled-by-owner: true
Last-Modified: Mon, 05 Dec 2022 05:05:19 GMT
Server: MMBD/3.372.0
x-mm-latency: 5 (4)
Content-Type: text/html; charset=utf-8
Location: https://tags.mathtag.com/ck-confirm?bid_id=4057814800732114596&node_id=4014&exch_id=13
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x83, cdg-bidder-x153
Keep-Alive: timeout=360
x-mm-lag: 1
Expires: Mon, 05 Dec 2022 05:05:20 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 5380 43 B
550 B 455ms
37ms Image
image/gif 23.35.228.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=4057814800732114596&v3=1251366&v4=12673720&v5=11147613&mt_nsync=1&no_attr=1
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-210.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master cdg-pixel-x35 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 05:05:20 GMT
Server: MT3 180 1fd3e2d master cdg-pixel-x35 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 05 Dec 2022 05:05:19 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 5380 49 B
330 B 509ms
27ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=4057814800732114596&st=12673720&time=[IMP_ATTR.time]&nodeid=4014
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.372.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 05:05:20 GMT
Server: MMBD/3.372.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x80, cdg-bidder-x153
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 05 Dec 2022 05:05:19 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame 5380 80 KB
27 KB 74ms
19ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Expires: Thu, 30 Nov 2023 10:07:30 GMT
Date: Mon, 05 Dec 2022 05:05:20 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 413870
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-hhn4073-HHN
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1670216721.565949,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 1375118

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 5380 0
816 B 90ms
22ms Image
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.wheresgeorge.com%252F&e=wqT_3QL6Cuh6BQAAAwDWAAUBCI_4tZwGEO6F59-tocivYhgAKjYJYVW9_E6Twz8REgAce_ZcvT8ZAAAA4KNwGkAhEg0SACkRJMgxAAAAgD0K7z8w94PKBjibQEAdSAhQt7vqvwFYsolQYABo3KNpeO3QBIABAYoBA1VTRJIFBvS2AZgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKEygHgAs_1PuoCHWh0dHBzOi8vd3d3LndoZXJlc2dlb3JnZS5jb20vgAMAiAMBkAMAmAMXoAMBqgPbBgqRBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2V2tSa2ExcEVRWGxQVkZWMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6UXdOVGM0TVRRNE1EQTNNekl4TVRRMU9UWXZNVEV4TkRjMk1UTXZNVEkyTnpNM01qQXZNVE12WWtGVmIyaFpUVTFZYW0xNWVHMDVhWGRVYXpKT2IwRm9OVWd6VDAxVmF6aFhTMFpGUW1keVIzWkhVUzh4THpFekx6QXZNQzh5TURJMU1Ea3pMekUwTVRBMU56WXlPVE12TWpFMU5UUXpMekV5TlRFek5qWXZNUzh3THpBdlRVUkJkMDFFUVhkTlJFRjBUVVJCZDCu9AAQQXZNQzgFTPBGTUM4ME1EVTNPREUwT0RBd056TXlNVEUwTlRrMkwyRnRjeTh3THpNM056RXZPQzg1T1Rrdk1qVTRMemcwTGpFNUxqRTNOUzQBTER1TURBd0x6RTJOekF5TVRZM00BLAEIPERJeU9UTXhPUzh4TXk4NE0BOPBYdy83d0VPUWRzZXFYTzdpYl9mcHN2YlloOFZXZVkmbm9kZWlkPTQwMTQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD00MDU3ODE0ODAwNzMyMTE0NTk2JnBic19hdWNqIgAcc2hhcmRrZXlWPwDwhnJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2JmY2pkZCZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTM1LjE1OSZzaWQ9MTI2NzM3MjAmY2lkPTExMTQ3NjEzJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzQwNTc4MTQ4MBnS8LwaEzcwODg0MjA2NjkwMjg0MTgyODYiCTQwMjMwMDM0MyoGMTAxOTM2OggxMTE0NzYxM8ADrALIAwDYA_v-A-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04NC4xOS4xNzUuMTY1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS3u-q_AYgFAZgFAKAFrc3QtZGXx892wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAFo4AD-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAYgQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjUxMzY2ugcPCAUkACABrzC_BkAAyAft0ATSBw0JEUQBQgjaBwYBenAYAOAHAOoHAggA8Ae39QGKCAIQAJUIAACAP5gIAQ..&s=a757cbbc412af03030a515f6233c5e16b1e939b9

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:20 GMT
AN-X-Request-Uuid: d52c1467-d4d7-43a0-a849-18431a4b0451
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8546 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e946729c3ac39cf16747acd92f74085f64f61e994ea43ddd3aab797895536700

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 93C8 4 KB
1 KB 88ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500|Roboto+Mono:500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e2d4953aeb14da289bbd4109a608446cbbc86f0570b84f42d82671be0b74c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 05:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:05:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 05:05:20 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 93C8 16 KB
6 KB 56ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 06 Dec 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 93C8 34 KB
13 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Dec 2022 19:53:06 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28E3 143 B
476 B 71ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 04:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1F1F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c015e58ee591856ba08287a73be4ec3fc50a8aa370149c35d131c59113731746

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 37AC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheresgeorge.com&sn=ChromeSyncframe&so=0&topUrl=www.wheresgeorge.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8jho53xOMkZDUHlhc1l3c3RBQks3L1BxaDd1T0pxcWQyWHJ2ZjFYb0VCbjFZdWtMcDVsdU5lQ2kwd0xBbWpUMi9xSmhkakZNSWJoRXRKWWlQYW1GbjFSTExTeFlqekxuK0ErcjZ4YWhqV2JuQms3Rllad3B2R25qbWpMMG...

441 B
669 B

97ms
31ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8jho53xOMkZDUHlhc1l3c3RBQks3L1BxaDd1T0pxcWQyWHJ2ZjFYb0VCbjFZdWtMcDVsdU5lQ2kwd0xBbWpUMi9xSmhkakZNSWJoRXRKWWlQYW1GbjFSTExTeFlqekxuK0ErcjZ4YWhqV2JuQms3Rllad3B2R25qbWpMMGZmak1xMGtwTjZQcEdoY2pLTGx3M1ZUSkJheEduMFZZcTlkYjVWWEJkSnBTdDRmdnk1UDlkRGpCOExBeVhVb3NzTS96SHBPK1BKcDhRZzVDT0J3T3U4UVFpaS84VENMVEhaWFE4andjOGI1dEY5VUZ0WG9tWjgxWXhPdURtaktidjBVVUc3b1dWRkhrWTJDZ1hiTDhKSC9GcjNYRUZaRHZvZ21pN3BSZFFYeXBidWZvK0JiZz18&cppv=2

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

38177117c62c1114f46a3e82622a9f69e7d135e083e6af492012edcbc401a0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1754586
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8jho53xOMkZDUHlhc1l3c3RBQks3L1BxaDd1T0pxcWQyWHJ2ZjFYb0VCbjFZdWtMcDVsdU5lQ2kwd0xBbWpUMi9xSmhkakZNSWJoRXRKWWlQYW1GbjFSTExTeFlqekxuK0ErcjZ4YWhqV2JuQms3Rllad3B2R25qbWpMMGZmak1xMGtwTjZQcEdoY2pLTGx3M1ZUSkJheEduMFZZcTlkYjVWWEJkSnBTdDRmdnk1UDlkRGpCOExBeVhVb3NzTS96SHBPK1BKcDhRZzVDT0J3T3U4UVFpaS84VENMVEhaWFE4andjOGI1dEY5VUZ0WG9tWjgxWXhPdURtaktidjBVVUc3b1dWRkhrWTJDZ1hiTDhKSC9GcjNYRUZaRHZvZ21pN3BSZFFYeXBidWZvK0JiZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 585238
content-length: 0
expires: 0

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame 5380
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=w94lkllg5fwj&nw=20&renderingType=javascript&namespace=5dacd349ff&subid=&uid=77519b62c10252b6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=w94lkllg5fwj&nw=20&renderingType=javascript&namespace=5dacd349ff&subid=&uid=77519b62c10252b6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
938 B

177ms
128ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=w94lkllg5fwj&nw=20&renderingType=javascript&namespace=5dacd349ff&subid=&uid=77519b62c10252b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4057814800732114596%26mt_id%3D11147613%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Fwww.wheresgeorge.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wheresgeorge.com&random=9553477977293&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 8ca25a308b5f72e06d62122a77970a9c57e01008476b36124806f493a63564aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:20 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 15341600011509506352835012164022
Connection: close
Content-Length: 332
Expires: Mon, 05 Dec 2022 05:05:20 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:20 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=w94lkllg5fwj&nw=20&renderingType=javascript&namespace=5dacd349ff&subid=&uid=77519b62c10252b6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4057814800732114596%26mt_id%3D11147613%26mt_adid%3D215543%26redirect%3D&documentReferer=https%3A%2F%2Fwww.wheresgeorge.com%2F&ancestorOrigins=https%3A%2F%2Fwww.wheresgeorge.com&random=9553477977293&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 05 Dec 2022 05:05:20 +0100

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 155ms
48ms XHR
application/json 52.17.7.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.7.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 455c935dfab6637db96fd7d316a64f7b8c794b77f0cd9388bf673d3c123ca71e

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
x-server: 10.45.22.162
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_7Pq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v22/ Frame 93C8 12 KB
12 KB 130ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v22/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_7Pq_ROW4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto+Mono:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab75783ac5d62ae726f80e5ff075d0ba60c7164d2cad88da874344f313e014f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 23:16:39 GMT
x-content-type-options: nosniff
age: 539321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12532
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 23:16:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 93C8 16 KB
16 KB 124ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto+Mono:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 320740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:59:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

79ms
34ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:05:20 GMT
expires: Mon, 05 Dec 2022 05:05:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:05:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame D1C1 0
91 B 77ms
32ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 05 Dec 2022 05:05:20 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 19AE 36 KB
16 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 20:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:29 GMT

GET
H2 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 93C8 36 KB
16 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 20:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:29 GMT

GET
H3 200 CTA_Container.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/ Frame 93C8 17 KB
17 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/CTA_Container.jpg

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d8797772c0b623e02c4cc839018bd9ee86908f8ca509fdc808b30da99aa093d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 01 Dec 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 352678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17608
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 10:28:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 03:07:22 GMT

GET
H3 200 KONGSBERG_logo_neg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/ Frame 93C8 40 KB
40 KB 27ms
27ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/KONGSBERG_logo_neg.png

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66fb64e802e7a0d0612c3cd2c32e5ec66606b82a69e9f18e715b8f872d77b80f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 01 Dec 2022 07:30:13 GMT
x-content-type-options: nosniff
age: 336907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40916
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 10:28:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 07:30:13 GMT

GET
H3 200 728x90_container_BACKGROUND.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/ Frame 93C8 70 KB
70 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1556583186674994428/728x90_container_BACKGROUND.jpg

Requested by

Host: cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
URL: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61471a57fff4e671667e6317709aaff3b25a1726ca113be4b0725d69fb2443d9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 02 Dec 2022 05:17:40 GMT
x-content-type-options: nosniff
age: 258460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72011
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 10:28:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 05:17:40 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame 6B03 4 KB
2 KB 76ms
28ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 220a875b5728c2b858543c3aed69320872b1a373ee32002dd909f87a164ad0a2

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1402
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Dec 2022 05:05:21 GMT
Expires: Mon, 05 Dec 2022 05:05:21 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 5380 0
816 B 23ms
22ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.wheresgeorge.com%2F&e=wqT_3QLaFOhaCgAAAwDWAAUBCI_4tZwGEO6F59-tocivYhgAKjYJYVW9_E6Twz8REgAce_ZcvT8ZAAAA4KNwGkAhEg0SACkRJMgxAAAAgD0K7z8w94PKBjibQEAdSAhQt7vqvwFYsolQYABo3KNpeO3QBIABAYoBA1VTRJIFBvC2mAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAoTKAeACz_U-6gIdaHR0cHM6Ly93d3cud2hlcmVzZ2VvcmdlLmNvbS_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM0MDU3ODE0ODAwNzMyMTE0NTk28gLPAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SsAFoDYZscGl4ZWwubWF0aHRhZy5jb20vY2xpY2svaW1nPwF-aF9haWQ9ODU0NzU4MjE5OTA0NzkyMzM3MyZtdAUbBDQwQn4AARskaWQ9MTExNDc2MQkqIGRpZD0yMTU1NAUPAHMBHxgyNjczNzIwAS4EZXgBEQUbFGluYXBwPQUWSG9zPSZyZWRpcmVjdD3yAhcKE1s1GTxnZHByX3N0cl0SAPICGQoUOhoAPGZsYWddEgEw8gIeChRbQUQpTjBhZHZlcnRpc2VyXRIGCY4BIQASFSEoY3JlYXRpdmVdEggRvhDyAigKERleGGJpZF9pZF1adgGI0AoKEltOT1RJRklDQVRJT05fVVJJXRK5CjxpbWcgc3JjPWgtdwx0YWdzMnYBFG5vdGlmeTV3GD1hcG4mc18hggUL0GlkPTVhVzk1cTJqTHpJekx5QXZXa1JrYTFwRVFYbFBWRlYwVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPC8THpRd05UYzRNVFE0TURBM016SXhNVFExT1RZdk1URXhORGMyTVRNdk1USTJOek0zTWpBdk1UTXZZa0ZWYjJoWlRVMVlhbTE1ZUcwNWFYZFVhekpPYzJsbGRFaERhekJyWHpOTGRIbFdNM1pET1ZkMVFTOHhMekV6THpBdk1DOHlNREkxTURrekx6RTBNVEExTnpZeU9UTXZNakUxTlRRekx6RXlOVEV6TmpZdk1TOHdMekF2VFVSQmQwMUVRCcQAMA3UAESm9AAFfAR3TAkIeDBNRFUzT0RFME9EQXdOek15TVRFME5UazJMMkZ0Y3kBKIBNM056RXZPQzg1T1Rrdk1qVTRMemcwTGpFNUxqRTNOUzQBTER1TURBd0x6RTJOekF5TVRZM00BLAEIPERJeU9UTXhPUzh4TXk4NE0BOPA8dy9CZUtnUC16STAyUW1ZN2xiVFJjbUNPU0xrWXcmbm9kZWlkPTQwMTQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZFJxAxBwYnNfYXIiABxzaGFyZGtleVI_ADKPAwBjYYtxu3BicD1hX2JmY2pkZCZtaW5fYmlkX3dpbj0ke0FVQ0Xh8JVNSU5fVE9fV0lOfSZuZnlfYWN0PUxENXdldyZiZmlwPTE4NS4yOS4xMzUuMTU5JnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDZGl2IHdpZHRoPScxJyBoZWlnaHQ9JzEnIHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbicFQ2V0CS40bGVmdDotMTBweDt0b3ANChAgcG9zaSFWJDphYnNvbHV0ZSdlpAQnaG2lAHBCHAUQZXZlbnRlpQRtdIXkFDM2ODg3NYHEjeMwNjc2NCZ2MT0xMyZ2MlJuATR2Mz0xMjUxMzY2JnY0PbUHBHY1MjIFSG5zeW5jPTEmbm9fYXR0cj0xJyBSDwEAL1brAAA5EeoBCYLpAEKOBBnoJbEobW1JbXBUcmFjayaVkgBiWowCBHN0GdQgdGltZT1bSU1QqYABDwBdLuECctQA8KQvZGl2PoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_v-A-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04NC4xOS4xNzUuMTY1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS3u-q_AYgFAZgFAKAFrc3QtZGXx892wAUAyQUAAAAAAADwP9IFCQkAAAAFDzTYBQHgBQHqBagCCqMCd_3TCQwQd2lsbHkFCwwnc2dl4esEP3QhTEBkb2xsbGFyYmlsbHNXRz9XRwUkCS_higkPCTIBEBU1BGFyHQsFPx0QAGQBTx0QAHMBZxRhcnNvbmUBK1BmcmJmZWRlcmFscmVzZXJ2ZWJhbmsFMABlATUIaW5nAQcAaxEIAQ1QZWFtZXJpY2Fuc2VyaWFsbnVtYmVyAQwkZXNkZW5vbWluYWFGAV4AcwW0AGkNtcBjdXJyZW5jeW1vbmV5bGVnYWx0ZW5kZXISAPAFo4AD-gUECAAQAJAGAJgGALgGAMEGJU4wAPA_0Ab5qwHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHbVIMugcPCAUkRCAAMAA4vwZAAMgH7dAE0gcNCRFEAUII2gcGCSdo4AcA6gcCCADwB7f1AYoIAhAAlQgAAIA_mAgB&s=73e441257841a53040d51e09d5afba55c4c98cdf&bdref=https%3A%2F%2Fwww.wheresgeorge.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.wheresgeorge.com%2F,https%3A%2F%2Fwww.wheresgeorge.com%2F&

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:21 GMT
AN-X-Request-Uuid: 7a2304ad-4385-414f-8d02-cb6d9bca1029
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5380 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxyVAemAYIT-oSem8k-mm9ClGXT3C2zgzEOVsVigvT14M_ctwBxkVllat3PDpF_RrwjqMkExbmkTEH3tGsrCLmGG06E717hHE9rr7FBz1t6iyDs5kdhHNWWOSTSV5LCENl-IhtklcT0UoDwFTmru2Wcl_6t9RyPoawvofcLaOPJdKmcTnQI2FgR04PslCw6bMnLGewlpSWw8b27x4Busv1piTHaWHB55-H4lRhBGMIkFfBDuTJL4f4vdFclv2hKayaTOLd5kMOC2_ohWcYob38Q9XMAvQw_gxbw7hI-e7w4y_4l4KK98QDYRF366xx03gm6VRQgtOPVHvgholV3uSIUwmT_1J2UXbRWtCTd7TJSYPJ82HVYg&sai=AMfl-YQZarS7O3ihiYAebXjaVysJ_H3TvC47tLAYm9yn_8KIGXigDhX8LhC3wf7dJvDQpQe-_qDi5BQo-OjELPCWt75693Vcx9tDxaSnw8Gl5KIqPdmjy54n3l0rW6EyH0eWiqd2g8dT6uuaF72EPurIINE&sig=Cg0ArKJSzKY0ZQmjSJDGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Dec 2022 05:05:21 GMT

GET
DATA 200
OK truncated
/ Frame 5380 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 618f37919d3b644e21c306e7acafe56b80a5dd377d53c68a470b4581c7cb4415

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 5380 0
843 B 22ms
22ms Ping
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.wheresgeorge.com%2F&e=wqT_3QL6Cuh6BQAAAwDWAAUBCI_4tZwGEO6F59-tocivYhgAKjYJYVW9_E6Twz8REgAce_ZcvT8ZAAAA4KNwGkAhEg0SACkRJMgxAAAAgD0K7z8w94PKBjibQEAdSAhQt7vqvwFYsolQYABo3KNpeO3QBIABAYoBA1VTRJIFBvS2AZgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKEygHgAs_1PuoCHWh0dHBzOi8vd3d3LndoZXJlc2dlb3JnZS5jb20vgAMAiAMBkAMAmAMXoAMBqgPbBgqRBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2V2tSa2ExcEVRWGxQVkZWMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6UXdOVGM0TVRRNE1EQTNNekl4TVRRMU9UWXZNVEV4TkRjMk1UTXZNVEkyTnpNM01qQXZNVE12WWtGVmIyaFpUVTFZYW0xNWVHMDVhWGRVYXpKT2IwRm9OVWd6VDAxVmF6aFhTMFpGUW1keVIzWkhVUzh4THpFekx6QXZNQzh5TURJMU1Ea3pMekUwTVRBMU56WXlPVE12TWpFMU5UUXpMekV5TlRFek5qWXZNUzh3THpBdlRVUkJkMDFFUVhkTlJFRjBUVVJCZDCu9AAQQXZNQzgFTPBGTUM4ME1EVTNPREUwT0RBd056TXlNVEUwTlRrMkwyRnRjeTh3THpNM056RXZPQzg1T1Rrdk1qVTRMemcwTGpFNUxqRTNOUzQBTER1TURBd0x6RTJOekF5TVRZM00BLAEIPERJeU9UTXhPUzh4TXk4NE0BOPBYdy83d0VPUWRzZXFYTzdpYl9mcHN2YlloOFZXZVkmbm9kZWlkPTQwMTQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD00MDU3ODE0ODAwNzMyMTE0NTk2JnBic19hdWNqIgAcc2hhcmRrZXlWPwDwhnJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2JmY2pkZCZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTM1LjE1OSZzaWQ9MTI2NzM3MjAmY2lkPTExMTQ3NjEzJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzQwNTc4MTQ4MBnS8LwaEzcwODg0MjA2NjkwMjg0MTgyODYiCTQwMjMwMDM0MyoGMTAxOTM2OggxMTE0NzYxM8ADrALIAwDYA_v-A-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04NC4xOS4xNzUuMTY1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS3u-q_AYgFAZgFAKAFrc3QtZGXx892wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAFo4AD-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAYgQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjUxMzY2ugcPCAUkACABrzC_BkAAyAft0ATSBw0JEUQBQgjaBwYBenAYAOAHAOoHAggA8Ae39QGKCAIQAJUIAACAP5gIAQ..&s=a757cbbc412af03030a515f6233c5e16b1e939b9&type=nv&nvt=5&jm=1003&px=910&py=813&bw=336&bh=280&sid=5796007121301419191&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13795831&sw=1600&sh=1200&pw=1600&ph=1248&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:21 GMT
AN-X-Request-Uuid: 0ae2575d-d105-4a92-b73a-934a8b5e77f4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 6B03 732 B
925 B 104ms
31ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59873728;click=https://hal900022.redintelligence.net/c/pftf2ov579pu7y2?tprd=

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2e4a390826b31b5a03f7cde59f957ae74feccff10ff8f624434ecb8bc08127d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 532
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 6B03 0
150 B 80ms
29ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=15341600011509506352835012164022&a=470fef9d&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 05:05:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 6B03 34 KB
16 KB 201ms
33ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59873728;click=https://hal900022.redintelligence.net/c/pftf2ov579pu7y2?tprd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 06 Dec 2022 08:21:41 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 6B03 4 KB
2 KB 33ms
32ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=59873728;click=https://hal900022.redintelligence.net/c/pftf2ov579pu7y2?tprd=;js=1;adfxid=1x;708;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.wheresgeorge.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c21fbfb3bdad2e2d677706125bda201d365c62c868f868d562bc1fa1c8b268d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2036
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 6B03 43 B
208 B 31ms
31ms Image
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=276&rid=10633&cid=2383&adfserve=35&asset=235&deviceType=Desktop

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 22 May 2018 11:52:57 GMT
server: nginx
etag: "5b040499-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
DATA 200
OK truncated
/ Frame 6B03 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 6B03 90 KB
39 KB 46ms
46ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 06 Dec 2022 08:22:04 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 6B03 35 B
478 B 32ms
32ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59873728&csi=Ha6BmLYTASYDNltyvgikPV5305wWyDxCbmXiTOp0jlDrygPkIxxfk1j3u545o1YmPm7U8yuckgq7DwowPzqeCt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900022.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900022.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F1F 42 B
64 B 107ms
65ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvd65rhlqx1eDc7PH2ddTNVIZkT5aRe9ognK2FeXMUlRZX3x-mvOmi2W8oDyg9fWN1v702_7LUPQzQSnDYWT_hBvzkqp3zrFNxVN3wLyEYWbYRXUUuUZpZ6OWHZOCPpGm9vHCRFyw&sai=AMfl-YSdB2Gqm3AKrVVtEX3_HVrMibafCrz-OrdbpN-GjUdGPP-0VFSDP9_6l2crieRQrtOxOKP5A9Z54SruAlfAC3vfu7ytObbsy0JCoaG9oJLXeM07fC8Ur5B9XEgPHKMI-7T3VfxH-WpWw6-jXuI&sig=Cg0ArKJSzPlYgAVAvwWaEAE&cid=CAQSSwDq26N9ncWMEDIlJFb9BY1_tc6EydVelJDc6fHLPUdUqrFkMb4pATOr_XMClEPLHOhDv7GzsZ3PHKyNXN_6bm-wGL98l7VUK5ZlQRgBIBM&id=lidar2&mcvt=1010&p=0,437,90,1165&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1906968629&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670216720286&rpt=362&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12063365.js Show response
s1.adform.net/Banners/Elements/Files/160090/12063365/ Frame 9906 3 KB
1 KB 34ms
33ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/12063365.js?ADFassetID=12063365&bv=258
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4baa8e2e8f2696bc7edccd0972fe0082ad20b6d4866a437ed6f77029a2b9ecfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx00000b88628a37d963439-00638d49bd-3293868f-default
etag: W/"cd86b30aa953312596ee7e678fc82311"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 1 KB
916 B 37ms
33ms Stylesheet
text/css 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/screen.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ab02ed602fa10893081cc4e418328fd90d96f61b4926794dd8d66d23d20011f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx00000dda1bfa555d68a2a-00638d5bd0-3293868f-default
etag: W/"dc8be1316649176340c295c6f7dfcf57"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 9906 30 KB
14 KB 42ms
38ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000954a8d644de9b13a-0063766111-32940f80-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 106 B
437 B 44ms
40ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/introfill.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d1af9da57519fd2466a4e032395abcb89c6e405ac5de28ecdddcda93bf3ab768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx000007b9b7571c80b0ffc-00638d49bf-329373d4-default
etag: "bed6577a35da7347c5e0fc9e98ed26d6"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 106

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 2 KB
2 KB 44ms
40ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/cta.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7d4118d790fdf6eda9cab0a8a58ce044b6615120c70678ccfbbc0d4944fd465f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx00000d54f71a5d0223746-00638d5bd0-329373d4-default
etag: "f36107dbf2dde6174d82ea8a90968cb4"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1740

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 3 KB
3 KB 45ms
41ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/disclaimer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 464ff87f2b7b35587e953c632ddfa78cdceaf1094f7e39553ee3e1d16c18d6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx0000052e6d3d8952261b6-00638d5bd0-32940f80-default
etag: "1adac539639ae3b51804be19789ffb1a"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2799

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 5 KB
5 KB 47ms
43ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/logo.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bc9f634bcbde3783be6101e8fb38a18e93c1e737843bf9136fc857964eb32b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx000004ae59f2626d1c667-00638d49bf-3293aae9-default
etag: "cbcccd228dee49920aa2f78716f70a6d"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5125

GET
H2 200 logoend.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 8 KB
8 KB 50ms
47ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/logoend.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4e601f0e86ce228bf0586b64f9d85ac4a239fa1ff71886f0a35475678773cdca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx0000066230f5d7700fa89-00638d49c0-3293868f-default
etag: "c99e04b95a442151ff51ee5dea1eab12"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8074

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 4 KB
4 KB 51ms
48ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/background.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9b98385b1458b52b17cd1108e4913325690674965a81a891fe9015631afa5844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx00000e89d34fd2f9288de-00638d5bd0-329354d9-default
etag: "9279336e79d31539fdd8e5b3457040ea"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4070

GET
H2 200 start1.jpg
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 20 KB
20 KB 70ms
67ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/start1.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9ae50611d88637626e77fde36ee15395d26d7fad3c623c7bfd9a8cd80f4562a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx00000ca3dccb815a2b51f-00638d5bd0-329354d9-default
etag: "6302a167aa48d0600c8c2d2c16b6ca2c"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20341

GET
H2 200 start2.jpg
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 33 KB
33 KB 76ms
73ms Image
image/jpeg 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/start2.jpg
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cb84776b7fb75c84182c1a3cd52f73d0f3baa9e107342770795d7a02087bd97d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx0000089bc8081c641c2c1-00638d49bf-3293868f-default
etag: "5bb71386f5bc8e595814b4720d4cbcdd"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33305

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 4 KB
4 KB 76ms
73ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/text1.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d1b2788bdb29920e14f411f35f97d863621b0c41fad38c75bb5643ce61fa5ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx00000d2aadd41549fe203-00638d49c0-32941e2b-default
etag: "15d23338380386aab41beb2c17d051c0"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3912

GET
H2 200 text2.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 3 KB
3 KB 76ms
73ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/text2.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f5d5e22119cc37b026b03a2b1bda3badc59764774244a40b1f271faf5d02f016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx000001e9a1939b37459ce-00638d49bf-32941e2b-default
etag: "c0b310c33bc1c23a53aa84ab845a471a"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2735

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 9 KB
10 KB 76ms
74ms Image
image/png 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/stoerer.png
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6d56f2dfcbcdfea9405b8b96738f3afe82a818c435c8c1cc849cdb7f2a950523

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx000009349151ef8f15a94-00638d5bd0-32940f80-default
etag: "49690d20023d613d9f38ffa3b50c2099"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9597

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 9906 38 KB
14 KB 79ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 451950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13669
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5ew3YF%2BZMrH9q1RMI8bQJeR4CgStJIPjB47%2F%2FqRy0%2FDlFdoMNnt16CsJGBGWlG7J5N1bM5VF%2F0igEbbUU%2FvnTRR7sDuxVB1YnzBidw9BfaUaY7SooHfTddX34euPubqajTMScLsXv1gAqa0d2eE671o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 774a3f0f4fe88ff4-FRA
expires: Sat, 25 Nov 2023 05:05:21 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 9906 5 KB
2 KB 78ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2810665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGgWfkqpnJwwZHTXolnsq%2FbZu4oYMZXgRw39DNEDmCIwDMB9ppPhiPUhLxs5uuysRmcyKdtNFVjSfZ8u0uYw9v2UJC4FjRzOyly%2BLhautH10zkmZ%2Bcj5zqTb7PuE5pwKPoG3O7fVvWNA%2FWfFlYmmKvwb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 774a3f0f4fe98ff4-FRA
expires: Sat, 25 Nov 2023 05:05:21 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 9906 26 KB
9 KB 80ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 355825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8578
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPb4B2PHkT6SLAvDAJ%2FPPYKa%2B35pTI1L25p3digVGBvY4BOoHr%2BCEa4YdO3JxfFnMk5SSFNcci8HjoB099uQdHYgRmK%2BjTyAqQuHZ8zp3zsXeb0Ga022DlIKLEtj8HFKQ67XODRAsMCt0SGZcPDj9Lxm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 774a3f0f4feb8ff4-FRA
expires: Sat, 25 Nov 2023 05:05:21 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/ Frame 9906 7 KB
2 KB 41ms
39ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/160090/12063365/bvpath_258/script.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 64678b7d74416a013695e86ab209f7879a8b4d1a1f7bd69cba2e17c8c6868520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 15:29:51 GMT
server: nginx
x-amz-request-id: tx000003627d32a889284a1-00638d5f04-32940f80-default
etag: W/"478fb10116e7af8ed52ecdbaa5dcf07e"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8546 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgr3tRaa84bA_VjAEfg4bPfVqQ95LllaEHa69pO_pcSMkdYs0gTcdF2bhRd3QuzyP49ZNByHRKKKv9zoMbEoNMmoD5FKxtrki14v0iGAHu_MbWxnI99kgudZ7hKlVjdVAttzWSig&sai=AMfl-YQskifZQ_-ORP9TL_HHTVKacM9b8LUZpKpzohmq2cHh_bbWn30hRhhZw1iwllR8MrTg1bHGtMu1kQBN1ir01QYGLFA9R_3Ic5NA6Fzq56WGZnl1nY82Wr9PdeQd-zsciP4YuZ0YRNyHkCp3I67V&sig=Cg0ArKJSzDpDoZz4B0NeEAE&cid=CAQSTADq26N9HT87BxLbxOYy33JLeY9myzW1G5xZ99bMYjZQQ_RSKrFwfFT_dageHjb5NmaXyAff6S-e27JyLaJiALg5yUpkCCJbdi9qo-AYASAT&id=lidar2&mcvt=1002&p=516,350,1116,470&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=377414226&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670216720273&rpt=520&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5380 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2IOMAfxXZkALPb6tKimUdKAyERCByDQFhkZOu4EXd7CtVeJHo_PseEyXOq_CRgVQgzjxbfaitg5EIB7AUdxbXO9em-r6Hga4b9MRlPi79MBriFFHf&sig=Cg0ArKJSzKKp5F-29m8ZEAE&id=lidar2&mcvt=1000&p=813,910,1093,1246&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3486923331&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670216720302&rpt=797&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 5380 0
843 B 53ms
53ms Ping
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.wheresgeorge.com%2F&e=wqT_3QL6Cuh6BQAAAwDWAAUBCI_4tZwGEO6F59-tocivYhgAKjYJYVW9_E6Twz8REgAce_ZcvT8ZAAAA4KNwGkAhEg0SACkRJMgxAAAAgD0K7z8w94PKBjibQEAdSAhQt7vqvwFYsolQYABo3KNpeO3QBIABAYoBA1VTRJIFBvS2AZgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKEygHgAs_1PuoCHWh0dHBzOi8vd3d3LndoZXJlc2dlb3JnZS5jb20vgAMAiAMBkAMAmAMXoAMBqgPbBgqRBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2V2tSa2ExcEVRWGxQVkZWMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6UXdOVGM0TVRRNE1EQTNNekl4TVRRMU9UWXZNVEV4TkRjMk1UTXZNVEkyTnpNM01qQXZNVE12WWtGVmIyaFpUVTFZYW0xNWVHMDVhWGRVYXpKT2IwRm9OVWd6VDAxVmF6aFhTMFpGUW1keVIzWkhVUzh4THpFekx6QXZNQzh5TURJMU1Ea3pMekUwTVRBMU56WXlPVE12TWpFMU5UUXpMekV5TlRFek5qWXZNUzh3THpBdlRVUkJkMDFFUVhkTlJFRjBUVVJCZDCu9AAQQXZNQzgFTPBGTUM4ME1EVTNPREUwT0RBd056TXlNVEUwTlRrMkwyRnRjeTh3THpNM056RXZPQzg1T1Rrdk1qVTRMemcwTGpFNUxqRTNOUzQBTER1TURBd0x6RTJOekF5TVRZM00BLAEIPERJeU9UTXhPUzh4TXk4NE0BOPBYdy83d0VPUWRzZXFYTzdpYl9mcHN2YlloOFZXZVkmbm9kZWlkPTQwMTQmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD00MDU3ODE0ODAwNzMyMTE0NTk2JnBic19hdWNqIgAcc2hhcmRrZXlWPwDwhnJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2JmY2pkZCZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTM1LjE1OSZzaWQ9MTI2NzM3MjAmY2lkPTExMTQ3NjEzJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzQwNTc4MTQ4MBnS8LwaEzcwODg0MjA2NjkwMjg0MTgyODYiCTQwMjMwMDM0MyoGMTAxOTM2OggxMTE0NzYxM8ADrALIAwDYA_v-A-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04NC4xOS4xNzUuMTY1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS3u-q_AYgFAZgFAKAFrc3QtZGXx892wAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAFo4AD-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBvmrAdoGFgoQCRIZAYgQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxMjUxMzY2ugcPCAUkACABrzC_BkAAyAft0ATSBw0JEUQBQgjaBwYBenAYAOAHAOoHAggA8Ae39QGKCAIQAJUIAACAP5gIAQ..&s=a757cbbc412af03030a515f6233c5e16b1e939b9&type=pv&jm=1003|1030&px=910&py=813&bw=336&bh=280&sf=1&sid=5796007121301419191&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13795831&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:22 GMT
AN-X-Request-Uuid: 3061e758-4ea2-41b0-9d2a-848bc46985c6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 6B03 0
150 B 78ms
26ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=15341600011509506352835012164022&a=470fef9d&vb=v
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=15341600011509506352835012164022&a=00f93e7a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Mon, 05 Dec 2022 05:05:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 70ms
24ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 05 Dec 2022 05:05:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360263&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=360263&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x8c2HxiA1P23Fp5&gdpr=0

43 B
766 B

97ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x8c2HxiA1P23Fp5&gdpr=0
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 05 Dec 2022 05:05:22 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-01cc22a724fa3318b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x8c2HxiA1P23Fp5&gdpr=0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
131 B 35ms
28ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:22 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159745
https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUZBMzBGMDQtQTI5OC00MkQzLThDNzgtQUVCNzQ0NEY5RUY3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

31ms
31ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Mon, 05 Dec 2022 05:05:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 /
track.adform.net/serving/unload/ Frame 6B03 35 B
478 B 32ms
32ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=574267251761391586@@59873728,4713538126492544351,100|1100|0|0|0|0|0|0|0||54|1|||||1|0|0|Tsb8sI4WBbFcPlakbYq96bPzWUC4ztqrgFU79UYEVki1-HFHczEi2fL_QlhaeLlf0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900022.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900022.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 numbers11.png
www.wheresgeorge.com/includes/odometer/ 1 KB
2 KB 141ms
140ms Image
image/png 2606:4700:20::681a:735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/includes/odometer/numbers11.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b925fd0ba0388372309bb41e931b81d430d8331b28f0eaf756af46c8f9d00b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Aug 2013 00:21:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e8-4e3142d7f2140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1VfTW7okpNSaJMc2cTjmcbeWpGUn1g16tHja7dzE9acPpFqinCq4XyKA8PsLRjbfrdM7dwBjbIWPRO5t2HooyH8prFDflb%2FmiqrnpiuWLV%2Fp6OBCOXOYCwzEHRzEqJcsDy7FKiMGy6TCo1W7M0nWHae"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 774a3f1a7dc45bf9-FRA
content-length: 1512

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 68ms
68ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js?cb=31071079

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa314355a2f477e5f013be57e5403ce7698002095db02bba2f17a8db37c46f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11003
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1028ms
1028ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 05:05:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BDEF 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 23:03:49 GMT
expires: Mon, 04 Dec 2023 23:03:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 390C 783 B
534 B 74ms
30ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e7b7e590-0513-4e80-a8f2-700f77b5cc9b/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2007a7d8759aa71c81c01c30d653bfb4a30af57fd072ddc0480c2f2587c32b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OMupLZ0dXolrvuzqcJYC3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-OMupLZ0dXolrvuzqcJYC3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:05:25 GMT
expires: Mon, 05 Dec 2022 05:05:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame BDEF 36 KB
16 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 20:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:04:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 390C 0
0 56ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022112901&jk=4374792120269473&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BDEF 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?isabhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 05:05:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022112901&jk=4374792120269473&bg=!kpGlkdXNAAbvMpMzzzI7ACkAdvg8WqHtjd2TuE8qCxR5cZXfXqb6y2Hj7MOEXHW9FikHCfnvFFpwNQIAAABgUgAAAAloAQcKACrgci3B12jImrISwnrKTOR9DptbHy2nh0iMsIjR25ZdA56YwyiYGrtGEZKZAqflyzlplRLulQhSK_46hFfUSuxsnCar7KbMGH8SGtAs4VACKqk1YBcC9Gq8o1J0EvnLR0wrh2q8Pxqdpn5pPkAm_bjNf55AVdk-DE5sCM_mPOJd33XQy_BdU9GLTq8MYELl2BRd6Y6GNi6y_Hkabj3Of7FTZ-sG2-V628J6855R1nxD98XNWsJ72f1sk4uc6jqJby_18Xa-E1gx1vfZG4jvA5mVo2nMIVrn5EwtYBkPJD2kVQWaOKbhdCer6U8V2DGDdZOppT-7Z1FTvzSJHBZF2j9rr2DYFd9ImpTB92Cc-P9q6-eN-BosnM_FDVLJ_5U6VOwBLbOoc9epGq0nch7LvIw8UpRFmr1GcOAiKsJySHVvJ-7A3g5GxMjRNQwGxixsS1OnoN1d89xn5LWvzRrNrXCTKp-sKMJw2-_s-z0Youykw6Lb7WoEDjESv-6hg02CcxobcE2ka8BAxReQtyWvpQvlX173blpMboI3_9MUE2SXu2pCVM6Jx4wplXC379H1bcq0sEbynb569sZeqTpxOBwsLu5GiOl2VCb2JlEQpvaaN1osB0i82sPcT0Ib1imVASG_uOqs2RZ_tGa4R_VuO2wyOjInPfkkEfnQhK-iUVY1vf3Wkorn9xzJquc32MO2WfCaAblug_DQiICvOcth9EjbEfCgmAEQTKin1qWnea767AIY-zxKI1ogp_aGWP0eiTVQEtJMds4Am_VzqVWZVgYoYGPz6pHa0LpE6AcEoLaDdVRX6Ro5Wef3Xt5IaFDYqYNhdyizyNfC-HBOrdV6hzZaUGbWB2yCymO032uYc4JMWEiWvkj5wepmsXyOvGvvjnhH4CLEDtsbCnGJaxiz-yw9i1fHSg-THXcIwjw5LJJ9Vfzi2HOTiL7kOn8JnYZzV1A8M5ms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

POST
H2 200 /
track.adform.net/serving/unload/ Frame 6B03 35 B
478 B 37ms
36ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=574267251761391586@@59873728,4713538126492544351,100|4701|0|0|0|0|0|0|0||230|1|||||1|0|0|Tsb8sI4WBbFcPlakbYq96bPzWUC4ztqrgFU79UYEVki1-HFHczEi2fL_QlhaeLlf0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900022.redintelligence.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 05:05:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://hal900022.redintelligence.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wheresgeorge.com/	1970-01-20 16:42:32	Name: mid Value: 296971056
www.wheresgeorge.com/	1970-01-20 16:42:32	Name: backgr Value: 3-med
.wheresgeorge.com/	1970-01-20 17:32:56	Name: _ga Value: GA1.2.1518866491.1670216719
.wheresgeorge.com/	1970-01-20 07:58:23	Name: _gid Value: GA1.2.471938720.1670216719
.wheresgeorge.com/	1970-01-20 07:56:56	Name: _gat Value: 1
.gumgum.com/	1970-01-20 16:42:32	Name: cs Value: true
.gumgum.com/	1970-01-20 08:40:08	Name: loc Value: SfolTs1ZIlNaKn7LXrOUibM3EUm48xFXahHkDgO5BQeg7PDvyMSjDLd3Byb0JWo1HWoDTOpKoTcVowIvm3oU31iUHAaEf6QbU_z98AF-Rlo
www.wheresgeorge.com/	1970-01-20 08:40:08	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adnxs.com/	1970-01-20 10:06:32	Name: icu Value: ChgInIc_EAoYASABKAEwj_i1nAY4AUABSAEQj_i1nAYYAA..
.wheresgeorge.com/	1970-01-20 12:16:08	Name: _pubcid Value: a80fd1c8-79a1-40bc-86a7-42ffee7fb67c
.prebid.a-mo.net/	1970-01-20 16:42:32	Name: __amc Value: 2_1670216719_1670216719
.rubiconproject.com/	1970-01-20 16:42:32	Name: khaos Value: LBABWSTU-5-CBF9
.rubiconproject.com/	1970-01-20 16:42:32	Name: audit Value: 1\|hLZGFuTafB2iBt/EAdfFQ+bASkO6QPb7E03ikE5KqM188ybwyGOeeCArqAVJlfuym1roheLxcLMI7I3QoF66M8BQn6AvuCLFZ5HZC+EL1msbsm1clVNMrQ==
.adnxs.com/	1970-01-20 10:06:32	Name: uuid2 Value: 8398762445729128963
.wheresgeorge.com/	1970-01-20 17:18:32	Name: __gads Value: ID=84712f9b6ac2f398:T=1670216719:S=ALNI_MYgMQkHXwwwjCTvXDq4EpU47ap_vA
.wheresgeorge.com/	1970-01-20 17:18:32	Name: __gpi Value: UID=00000b8daf71508d:T=1670216719:RT=1670216719:S=ALNI_MZF-6DMmg92xhja0wd9Cogx6tyOcQ
.doubleclick.net/	1970-01-20 17:18:32	Name: IDE Value: AHWqTUkAK1PkB_wL9s5RTFcdV-H3Y1pjrzxh5cktFeVwKwgb1BDPUZvtTZQeWg3ytlE
.openx.net/	1970-01-20 16:42:32	Name: i Value: 5290bfc9-89d9-4dbd-bb91-028559b2010d\|1670216720
.criteo.com/	1970-01-20 17:18:32	Name: uid Value: 79c3d80b-b5bf-40f0-af79-47e41370bc8f
.wheresgeorge.com/	1970-01-20 07:56:56	Name: lotame_domain_check Value: wheresgeorge.com
.redintelligence.net/	1970-01-20 10:06:32	Name: 8lcfmzhxc8d6_uid Value: 40f99cdc259938d9
.doubleclick.net/	1970-01-20 07:57:00	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 16:42:32	Name: uuid Value: de0f638d-7c10-4001-8028-55ccb270f3e0
.wheresgeorge.com/	1970-01-20 17:18:32	Name: cto_bundle Value: T5x90l96ZlR3OHA3VEdiWmFHcUo4OG01Z29HQWFlaE9VcDVFcWJDdUNuYnNqRWxkNlFrRHZqZWFLOVBnbUVNQVprU05pNk1rTXQlMkJYSDZwajhWNnZZUERIdGxnZ2J2OWNCekVhSUoxU2NBQTV0cGRRbWVFWGRPbmdCSjJhOUs0TFdhQ2NWdHJ0SHM2TFpnM2tsNDFsb3hpdXdJWlljUzhyRlkwcHYlMkZMY2dmWlZyYVdZJTNE
.adform.net/	1970-01-20 08:41:35	Name: C Value: 1
.adform.net/	1970-01-20 09:23:20	Name: uid Value: 574267251761391586
.adform.net/	1970-01-20 08:07:01	Name: TPC Value: 1670216721498
.id5-sync.com/	1970-01-20 07:56:57	Name: cf Value:
.id5-sync.com/	1970-01-20 07:56:57	Name: cip Value:
.id5-sync.com/	1970-01-20 07:56:57	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:56:57	Name: car Value:
.id5-sync.com/	1970-01-20 07:56:57	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:56:57	Name: callback Value:
.casalemedia.com/	1970-01-20 16:42:32	Name: CMID Value: Y418Eq0QH968roGb3crUTwAA
.casalemedia.com/	1970-01-20 10:06:32	Name: CMPS Value: 5139
.casalemedia.com/	1970-01-20 10:06:32	Name: CMPRO Value: 5139
.pubmatic.com/	1970-01-20 07:58:23	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 10:06:32	Name: SyncRTB3 Value: 1671408000%3A220
.pubmatic.com/	1970-01-20 10:06:32	Name: KADUSERCOOKIE Value: 5FA30F04-A298-42D3-8C78-AEB7444F9EF7
.w55c.net/	1970-01-20 17:27:11	Name: wfivefivec Value: x8c2HxiA1P23Fp5
.w55c.net/	1970-01-20 08:40:08	Name: matchcasale Value: 5
.casalemedia.com/	1970-01-20 10:06:32	Name: CMTS Value: 5237
.pubmatic.com/	1970-01-20 07:58:23	Name: pi Value: 159745:3
.pubmatic.com/	1970-01-20 10:06:32	Name: chkChromeAb67Sec Value: 2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adservice.google.com
adservice.google.de
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
c2shb.ssp.yahoo.com
cad407624c34a43645c86495bbbac08f.safeframe.googlesyndication.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
didna-d.openx.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
g2.gumgum.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
hal9000.redintelligence.net
hal900022.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
invstatic101.creativecdn.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.mathtag.com
pm.w55c.net
prebid.a-mo.net
rumcdn.geoedge.be
s1.adform.net
securepubads.g.doubleclick.net
static.criteo.net
storage.googleapis.com
tags.crwdcntrl.net
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.wheresgeorge.com
104.18.33.19
13.225.78.97
138.201.220.30
144.76.104.53
147.75.85.234
151.101.1.108
162.19.138.116
172.217.16.194
172.64.151.162
172.64.154.237
178.250.2.146
185.29.134.249
185.64.189.110
185.64.189.112
185.64.190.79
185.80.39.216
23.35.228.210
2600:9000:2057:4000:a:e047:752:5701
2600:9000:206f:6e00:4:b37b:9440:93a1
2602:803:c004:200::140
2606:4700:10::6816:3556
2606:4700:20::681a:735
2606:4700::6810:5614
2606:4700::6811:190e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:830::2010
2a02:2638:1::3
2a02:2638::1c
3.226.37.73
34.102.146.192
34.120.107.143
34.120.133.55
34.96.70.87
35.157.246.167
35.190.39.111
35.244.159.8
37.157.6.234
37.157.6.245
37.252.171.149
37.252.171.52
44.239.16.115
52.17.7.52
52.223.40.198
52.57.83.94
63.33.230.145
88.221.168.201
00c2e0963425bffa7d4567c0c7d3537712ae00a8ead0166d792ad0342eddf37f
03acc59c4ca1401a177badffdb56f37a01c11d0886167882f5ae86a1e4f992e2
0753d1dfcafcc83e4c50a5479f0b3bd1ace745fdd421400007abf57863f04d1c
0755ba0ffaeddb60b4944d7c2aac5a7bb0dd2462f213d74f0ea8ceb77f3a9827
07834c02633917b263202310d2dbe2e7e9e6853c740e4dd02de318f54249cb93
0b8b2da42e63cfbe1929809bf08001dbc90fb04da686e8f1895c96c2e3476586
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0bd2a2b65fa258c88704613fbaa9261c2ace4b5d8fdaec5e6790efa4554e13ff
0e2d4953aeb14da289bbd4109a608446cbbc86f0570b84f42d82671be0b74c80
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182a29bda1030bdb1fe420e42a727c521f1e8717fae220af3185662cd921b0ae
191ad33371b27fc1982dd92307fc8961c2f6d8367cbad961ddb47db9e6ebc170
1c008b3684df8cf75f020bd759aa1f63d80456b77daf1076745be29ecdb9303a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d3bcadfd8c6c942428d4da05a4f74d77c3ae116691a1b7134edfe6381a2530c
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
220a875b5728c2b858543c3aed69320872b1a373ee32002dd909f87a164ad0a2
222cbd44beda0de2293c5eb373dcbe8ef2a81dd8c67b364224bc3ef2061d3354
22bcbd9adfea86a67d9e9fc06e7072cee8951a4b0c821763ece6e3ec6522183c
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
27c167a66fe7195d6169a97715a3becf7e3d5892a12b2825f77959d1c21bfaa9
29c7dc1333487ffb5ff8332547585101be64e8323c334b6542092bf21e4f1fa0
2ab75783ac5d62ae726f80e5ff075d0ba60c7164d2cad88da874344f313e014f
2b6bdedf30dce0674375bdde60d211a32d50fd18df2402730def2b8f2de7988d
2e4a390826b31b5a03f7cde59f957ae74feccff10ff8f624434ecb8bc08127d9
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31864a6b821f78de93e86ea73be38dab540b0e33055ddbae9953fb437afd609a
32880bd99af2551347a9144f3895b2b84c7d8360f191a47d86e8bd72f28d01eb
35193fdb15e22a3ab2995d0a060fab5fd76bba19b31e932fcf7ba19b17c89d1c
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
38177117c62c1114f46a3e82622a9f69e7d135e083e6af492012edcbc401a0d8
3915686f69dca59f511b31e984d126a4271c8c728ecd42f28fa58a3f1c25e4b8
3f554402586b6d6141a35ff7838ecb350f34b95632f489dd26230c748293a24f
455c935dfab6637db96fd7d316a64f7b8c794b77f0cd9388bf673d3c123ca71e
462dac337b96d6f6c7df54018e24e0a0ce232e431683e5a9023662fd56d9e0ba
464ff87f2b7b35587e953c632ddfa78cdceaf1094f7e39553ee3e1d16c18d6c3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4baa8e2e8f2696bc7edccd0972fe0082ad20b6d4866a437ed6f77029a2b9ecfa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e601f0e86ce228bf0586b64f9d85ac4a239fa1ff71886f0a35475678773cdca
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56461ffccda775adce78f8b68d8ad28e5abddd893b7612ebd16344ccc6d66c95
5948c940e4cd9dad9b958313b8ab760bfb85c7a3dad4332c6fb5f9ebb6ce695b
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fd8663b96c0916efbc46a80a2608bbf1a12cb81726c2655b49434b40041ed09
61471a57fff4e671667e6317709aaff3b25a1726ca113be4b0725d69fb2443d9
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
618f37919d3b644e21c306e7acafe56b80a5dd377d53c68a470b4581c7cb4415
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a729fdf38d4201cbc2d68200d44f3d61f4c00e9a63adaf1b24c257f3f119d0
64678b7d74416a013695e86ab209f7879a8b4d1a1f7bd69cba2e17c8c6868520
6523e7414f21570314f72a12571564551f4733b4e3081f80cb8215d5c9207506
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
66fb64e802e7a0d0612c3cd2c32e5ec66606b82a69e9f18e715b8f872d77b80f
6c1d9973ca5c62cf51fbb097b24568a2e8ac42584bcbbb3f3d40db6d5ac7a1bb
6d56f2dfcbcdfea9405b8b96738f3afe82a818c435c8c1cc849cdb7f2a950523
6f4ac75a039bc7788a123d163225b0d17d2dee5daf3760286029e3b3e704d08c
70751679ec1e2f27cd958b14c2b87f5b1b7fd4e7fbbce340bb3ca6f8dfd82d0e
73866ae9e08790385053a9665a2556fea9b6808f6a3efee407264aba843f7d58
77f7c57e52395b9adbb8b8d079c31fc6bc39532250563bca65fd47c6aa08763a
78c19f0f48c2039268244bea64d0c0d6b0e99739baf0706c043f4a7fa5b9a49f
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7900b61c654b5c5c8e2592fcc4738e256046cc53883a016fbe696c591dac5d9d
7d4118d790fdf6eda9cab0a8a58ce044b6615120c70678ccfbbc0d4944fd465f
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7e73d4b74d14162b1d0b2d35585058d806f07513b84aa6cbb2d8e9fa51be9d74
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8621af61bcde2b5d8ed84e6ac8231f7d9ef1f8757218871dd00d40c494c5134c
8731b24cdd3437a8da8618f85194973a5b248ec42a27adaefe618e3257214cf3
893b574eb3439996f8bc59f7fee7e8a46e00b2dc65c5dc7d78f3d1c40be74be7
8ca25a308b5f72e06d62122a77970a9c57e01008476b36124806f493a63564aa
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8dbc30ebdcc338f5b8ae0bc13e925261fe9ce982df75b75b26100bd3840583ca
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
90f7e583fbd484f79db863bd15a70eb5f8b111c517cf35b5cc11a261b1de0c0e
94a64debb73115b6e4bb5816aad62b1af7c6584b2139d9a2d9480dbf4220561c
95371e4df2914bb9fb7b9491518a8fe376ee0030df68456b7cef028f36ccf1d8
97aefe4a1c50e7bf4bd5eb810781749a1aa540fe755c4e1e45aa82414c0b5818
9ae50611d88637626e77fde36ee15395d26d7fad3c623c7bfd9a8cd80f4562a0
9b98385b1458b52b17cd1108e4913325690674965a81a891fe9015631afa5844
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9cc6470204dda1b6135b76c42ed59cefaed8dead87385d110742669f54d4b054
9d44418aef78b2e4586c639a6b4e57b4b9fc93a958bf2dd254b70553d51dd06d
9d8797772c0b623e02c4cc839018bd9ee86908f8ca509fdc808b30da99aa093d
9f0da298e31dd1a50b19d710bd787a8adce25afcaf4a89ba5fcf819c6662723e
9fe82976b037bfb21b0977871949ca3ecc4602f5b90c2b7c7b322068a2cc5341
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2b35d9f73e68484712519c315b452b1331fcb1c5591505f3b556fbd8a3726e7
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50fd2c2415334c1be42218fccd59b837de10ed8ba364199d2c0b0d4a4c65299
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a525c29375c645110e4d70c15004dced135dc3d5858b52d71b48db3eb3d4eb0d
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a7e41f4d4044bf7b5221e7163b38f6469ff440793ec9bb102fc2324c08681cc7
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
ab02ed602fa10893081cc4e418328fd90d96f61b4926794dd8d66d23d20011f8
ac14b8b7d830fb36bb9a9beee3b7b49035d8bdd1ecd669dafe7afe7c92c577b4
ad008715bb343c6fb646069bf2982c2387bd9ee1c5b590c622011e4c376efb88
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4b90d979ce29f6c1f57f22a36fd4708ab999f8a81e3d1e697e6e38d21f04c6c
b571fcad8128b028fa991009315020350ef5e296d826df2c6c8b6367a1e8fc27
b925fd0ba0388372309bb41e931b81d430d8331b28f0eaf756af46c8f9d00b6d
b99a21f33656b56daaf0aae9de335a93fbb93278ba50989b6359ac7a9d03ddbf
baf01bd369734955aaefb6eb05598835dd5d2cf21bb388f8ab5487158c33dddf
bc26ea59ffe8453b0c79725cbacbd5bf3607cf6710a00202d9a37348429ef579
bc96823ca6ac164d8a2d7ed0d6b94173a672553f21e930992d59f314ca9aac6c
bc9f634bcbde3783be6101e8fb38a18e93c1e737843bf9136fc857964eb32b98
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf4ceec5c14c3fea57c56dfda7a2bb19b8601e13833be724396f3da499250e2b
c015e58ee591856ba08287a73be4ec3fc50a8aa370149c35d131c59113731746
c2007a7d8759aa71c81c01c30d653bfb4a30af57fd072ddc0480c2f2587c32b8
c21fbfb3bdad2e2d677706125bda201d365c62c868f868d562bc1fa1c8b268d3
c22dc3d31dccd54ee6cc46af4d6b0970e7c684bb32c3812b8371b0e271905b2b
c60da4ef0fadafd9a9b53e9f90a78f41752a55c85acea3753b0e37edbb04c8ec
c6f35733b79b1d6797353f4aa427becf64a36417f0e1ebce4da187e3ea9341d9
c8dcbd9cae3fef99d529d3852df13afef98cb76bc015c80220a7b3837e281b86
cabea06371ff3f26ecf21fcac0c279ae3bd92f787624d3215bc6ba3121c4806c
cb291c9a0cbd2729c447eb55ff4b2dbeb53b5aaf162e56cc94a340793ca791f6
cb84776b7fb75c84182c1a3cd52f73d0f3baa9e107342770795d7a02087bd97d
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
d1af9da57519fd2466a4e032395abcb89c6e405ac5de28ecdddcda93bf3ab768
d1b2788bdb29920e14f411f35f97d863621b0c41fad38c75bb5643ce61fa5ac6
d557de3f39744cf5f2dc1fd949f47e98362dfdb6bd43a8b691d5b61bfb63fd95
d7fae18de875f131f9962b002379d31c5b0f33a917be900337718f66877948b6
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da4f3b2e0ca2bdad54c77c30fe4e209f95fc88cc5d67cfb42e66c9d0259ac144
dbf2e4d7a491afaa7aa1d29ae72d71c78b5470f1d610b3eab6f7b9c8d6444404
dce531eee4c5fdc685dbcdb1470072755405690fdfdd930a6e22e463f78d284e
dd41b646250576c87600d36db00f6543440e3a07c73c69d33dfd7f7dafec08cd
e0426dbe67dd4f52df684e50d0e6d33f68f73bd83ba416b7e26b1227a61585d3
e0da400202994ee8fe2b6573bd21dcb9260c054dfc6610fce978e67364096d88
e0e17b1b2c8c884ef95858b7cce3c572ebdf32d5da4ca26a366dece88bda76a8
e217c8132d5e8b9323f79dcd34b0bfc82cae4fdbd8f5652594fe561071bff883
e2517aa0efd78943129b6df452cdf788432f65f63b3a3e778bfab86d2a004244
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ed2d3ba588437ab0954941c0edd797482ed06264b1ca9e6806ed6daeb07b43
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069
e946729c3ac39cf16747acd92f74085f64f61e994ea43ddd3aab797895536700
e96232f35f33729c5eb9a01f7e30a12ce71129365f86cd91eb53deee8587f939
ea81b491786b422c503a0219c100bcad7aee184b24ddb5b4d6fd6e50e0c5714d
ea8dcf94a62e4ac82246b2224d85052c2308c4c8123dd8b2c4c154cebe9b47f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f3cb1db2d0a51e283ae6fc0d9cf5aef88f250ce5166bd994435d8b7d068cde87
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5d5e22119cc37b026b03a2b1bda3badc59764774244a40b1f271faf5d02f016
f64f12e5474480f9b66cd6231874622c4e0fbc168d7d9708aae94183f01e6a1b
f88b2e6331b41010203b7a1bfd7976086caa2621f473a6bff6052521faf71c60
f8d71892deb8ef0496585f4d5a5199b23eebcd595b8acf7ddb92009b72e31596
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fa314355a2f477e5f013be57e5403ce7698002095db02bba2f17a8db37c46f4d
fa4bc479d95df5777e910cd03c23e87083d84de38441a7b39bc6837c46155d16
fc53d593a05558fa05f4630a0fcd99e10388bb7fb4ed8e65aab11bbec4588e9c
fedf7a96d9f67f560198fa4e96d5f49a5b25c1dd23d406169a0b3b74ea3968b9
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.wheresgeorge.com Open in urlscan Pro 2606:4700:20::681a:735 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

95 %HTTPS

42 %IPv6

36 Domains

64 Subdomains

57 IPs

9 Countries

2731 kBTransfer

5786 kBSize

44 Cookies

18 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wheresgeorge.com Open in urlscan Pro
2606:4700:20::681a:735 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

95 %
HTTPS

42 %
IPv6

36
Domains

64
Subdomains

57
IPs

9
Countries

2731 kB
Transfer

5786 kB
Size

44
Cookies

207 HTTP transactions
5 data transactions